NetworkManager_dispatcher_tlp_selinux(8)

1NetworkManager_disSpEaLticnhuexr_Ptollpi_csyelNientuwxo(r8kN)MeatnwaogrekrM_adniasgpeart_cdhiesrp_attlcpher_tlp_selinux(8)
2
3
4

NAME

6       NetworkManager_dispatcher_tlp_selinux  - Security Enhanced Linux Policy
7       for the NetworkManager_dispatcher_tlp processes
8

DESCRIPTION

10       Security-Enhanced Linux secures the NetworkManager_dispatcher_tlp  pro‐
11       cesses via flexible mandatory access control.
12
13       The  NetworkManager_dispatcher_tlp  processes execute with the Network‐
14       Manager_dispatcher_tlp_t SELinux type. You can check if you have  these
15       processes running by executing the ps command with the -Z qualifier.
16
17       For example:
18
19       ps -eZ | grep NetworkManager_dispatcher_tlp_t
20
21
22

ENTRYPOINTS

24       The NetworkManager_dispatcher_tlp_t SELinux type can be entered via the
25       NetworkManager_dispatcher_tlp_script_t file type.
26
27       The default entrypoint paths  for  the  NetworkManager_dispatcher_tlp_t
28       domain are the following:
29
30       /usr/lib/NetworkManager/dispatcher.d/99tlp-rdw-nm
31

PROCESS TYPES

33       SELinux defines process types (domains) for each process running on the
34       system
35
36       You can see the context of a process using the -Z option to ps
37
38       Policy governs the access confined processes have  to  files.   SELinux
39       NetworkManager_dispatcher_tlp policy is very flexible allowing users to
40       setup their NetworkManager_dispatcher_tlp  processes  in  as  secure  a
41       method as possible.
42
43       The   following  process  types  are  defined  for  NetworkManager_dis‐
44       patcher_tlp:
45
46       NetworkManager_dispatcher_tlp_t
47
48       Note: semanage permissive  -a  NetworkManager_dispatcher_tlp_t  can  be
49       used  to  make the process type NetworkManager_dispatcher_tlp_t permis‐
50       sive. SELinux does not deny access to permissive process types, but the
51       AVC (SELinux denials) messages are still generated.
52
53

BOOLEANS

55       SELinux  policy  is  customizable based on least access required.  Net‐
56       workManager_dispatcher_tlp policy is extremely flexible and has several
57       booleans  that  allow  you to manipulate the policy and run NetworkMan‐
58       ager_dispatcher_tlp with the tightest access possible.
59
60
61
62       If you want to allow all domains to execute in fips_mode, you must turn
63       on the fips_mode boolean. Enabled by default.
64
65       setsebool -P fips_mode 1
66
67
68

MANAGED FILES

70       The  SELinux  process  type  NetworkManager_dispatcher_tlp_t can manage
71       files labeled with the following file types.  The paths listed are  the
72       default  paths for these file types.  Note the processes UID still need
73       to have DAC permissions.
74
75       tlp_var_run_t
76
77            /var/run/tlp(/.*)?
78
79

FILE CONTEXTS

81       SELinux requires files to have an extended attribute to define the file
82       type.
83
84       You can see the context of a file using the -Z option to ls
85
86       Policy  governs  the  access  confined  processes  have to these files.
87       SELinux NetworkManager_dispatcher_tlp policy is very flexible  allowing
88       users  to setup their NetworkManager_dispatcher_tlp processes in as se‐
89       cure a method as possible.
90
91       The following file types are defined for NetworkManager_dispatcher_tlp:
92
93
94
95       NetworkManager_dispatcher_tlp_script_t
96
97       - Set files with the  NetworkManager_dispatcher_tlp_script_t  type,  if
98       you  want  to  treat  the files as NetworkManager dispatcher tlp script
99       data.
100
101
102
103       Note: File context can be temporarily modified with the chcon  command.
104       If  you want to permanently change the file context you need to use the
105       semanage fcontext command.  This will modify the SELinux labeling data‐
106       base.  You will need to use restorecon to apply the labels.
107
108

COMMANDS

110       semanage  fcontext  can also be used to manipulate default file context
111       mappings.
112
113       semanage permissive can also be used to manipulate  whether  or  not  a
114       process type is permissive.
115
116       semanage  module can also be used to enable/disable/install/remove pol‐
117       icy modules.
118
119       semanage boolean can also be used to manipulate the booleans
120
121
122       system-config-selinux is a GUI tool available to customize SELinux pol‐
123       icy settings.
124
125

AUTHOR

127       This manual page was auto-generated using sepolicy manpage .
128
129