Red Hat ENTERPRISE LINUX 4 - SELINUX GUIDE Manual page 28

14
,
netif_type port_type
These attributes relate to network activity by domains. The
associated with network interfaces, allowing policy to control sending, receiving, and various
operations on the interface:
netif_t
netif_eth0_t
netif_eth1_t
netif_eth2_t
netif_lo_t
netif_ippp0_t
netif_ipsec0_t
netif_ipsec1_t
netif_ipsec2_t
The
port_type
lows SELinux to control port binding, meaning daemons are restricted in using a port depending
on the type assigned to the port:
dns_port_t
dhcpd_port_t
http_cache_port_t
port_t
reserved_port_t
http_port_t
pxe_port_t
smtp_port_t
mysqld_port_t
rndc_port_t
ntp_port_t
portmap_port_t
postgresql_port_t
snmp_port_t
syslogd_port_t
The
node_type
traffic to and from the node:
node_t
node_lo_t
node_internal_t
node_inaddr_any_t
node_unspec_t
node_link_local_t
node_site_local_t
node_multicast_t
node_mapped_ipv4_t
node_compat_ipv4_t
fs_type
This attribute identifies all types assigned to file systems, including non-persistent file systems.
The attribute is used in TE rules to allow most domains to obtain overall file system
fs_type
statistics, and for some specific domains to mount any file system. Here are the SELinux file
types that are part of
devpts_t: sysadm_devpts_t, staff_devpts_t, user_devpts_t
fs_t
eventpollfs_t
, and
node_type
attribute is associated with all types that are assigned to port numbers. This al-
is for types assigned to network nodes or hosts, allowing SELinux to control
:
fs_type
Chapter 2. SELinux Policy Overview
identifies the types
netif_type