1mozilla_plugin_config_SsEeLliinnuuxx(P8o)licy mozilla_plumgoizni_lcloan_fpilgugin_config_selinux(8)
2
3
4

NAME

6       mozilla_plugin_config_selinux  - Security Enhanced Linux Policy for the
7       mozilla_plugin_config processes
8

DESCRIPTION

10       Security-Enhanced Linux secures the mozilla_plugin_config processes via
11       flexible mandatory access control.
12
13       The     mozilla_plugin_config     processes     execute     with    the
14       mozilla_plugin_config_t SELinux type. You can check if you  have  these
15       processes running by executing the ps command with the -Z qualifier.
16
17       For example:
18
19       ps -eZ | grep mozilla_plugin_config_t
20
21
22

ENTRYPOINTS

24       The  mozilla_plugin_config_t  SELinux  type  can  be  entered  via  the
25       mozilla_plugin_config_exec_t file type.
26
27       The default entrypoint paths for the mozilla_plugin_config_t domain are
28       the following:
29
30       /usr/lib/nspluginwrapper/plugin-config
31

PROCESS TYPES

33       SELinux defines process types (domains) for each process running on the
34       system
35
36       You can see the context of a process using the -Z option to ps
37
38       Policy governs the access confined processes have  to  files.   SELinux
39       mozilla_plugin_config  policy  is very flexible allowing users to setup
40       their mozilla_plugin_config processes in as secure a method  as  possi‐
41       ble.
42
43       The following process types are defined for mozilla_plugin_config:
44
45       mozilla_plugin_config_t
46
47       Note:  semanage  permissive  -a  mozilla_plugin_config_t can be used to
48       make the process type mozilla_plugin_config_t permissive. SELinux  does
49       not  deny  access to permissive process types, but the AVC (SELinux de‐
50       nials) messages are still generated.
51
52

BOOLEANS

54       SELinux  policy  is  customizable  based  on  least  access   required.
55       mozilla_plugin_config  policy  is  extremely  flexible  and has several
56       booleans  that  allow  you   to   manipulate   the   policy   and   run
57       mozilla_plugin_config with the tightest access possible.
58
59
60
61       If you want to allow all domains to execute in fips_mode, you must turn
62       on the fips_mode boolean. Enabled by default.
63
64       setsebool -P fips_mode 1
65
66
67
68       If you want to allow system to run with  NIS,  you  must  turn  on  the
69       nis_enabled boolean. Disabled by default.
70
71       setsebool -P nis_enabled 1
72
73
74
75       If  you want to support ecryptfs home directories, you must turn on the
76       use_ecryptfs_home_dirs boolean. Disabled by default.
77
78       setsebool -P use_ecryptfs_home_dirs 1
79
80
81

MANAGED FILES

83       The SELinux process type mozilla_plugin_config_t can manage  files  la‐
84       beled  with the following file types.  The paths listed are the default
85       paths for these file types.  Note the processes UID still need to  have
86       DAC permissions.
87
88       krb5_host_rcache_t
89
90            /var/tmp/krb5_0.rcache2
91            /var/cache/krb5rcache(/.*)?
92            /var/tmp/nfs_0
93            /var/tmp/DNS_25
94            /var/tmp/host_0
95            /var/tmp/imap_0
96            /var/tmp/HTTP_23
97            /var/tmp/HTTP_48
98            /var/tmp/ldap_55
99            /var/tmp/ldap_487
100            /var/tmp/ldapmap1_0
101
102       mozilla_plugin_rw_t
103
104            /usr/lib/mozilla/plugins-wrapped(/.*)?
105
106       mozilla_plugin_tmp_t
107
108
109

FILE CONTEXTS

111       SELinux requires files to have an extended attribute to define the file
112       type.
113
114       You can see the context of a file using the -Z option to ls
115
116       Policy governs the access  confined  processes  have  to  these  files.
117       SELinux mozilla_plugin_config policy is very flexible allowing users to
118       setup their mozilla_plugin_config processes in as secure  a  method  as
119       possible.
120
121       The following file types are defined for mozilla_plugin_config:
122
123
124
125       mozilla_plugin_config_exec_t
126
127       -  Set files with the mozilla_plugin_config_exec_t type, if you want to
128       transition an executable to the mozilla_plugin_config_t domain.
129
130
131
132       Note: File context can be temporarily modified with the chcon  command.
133       If  you want to permanently change the file context you need to use the
134       semanage fcontext command.  This will modify the SELinux labeling data‐
135       base.  You will need to use restorecon to apply the labels.
136
137

COMMANDS

139       semanage  fcontext  can also be used to manipulate default file context
140       mappings.
141
142       semanage permissive can also be used to manipulate  whether  or  not  a
143       process type is permissive.
144
145       semanage  module can also be used to enable/disable/install/remove pol‐
146       icy modules.
147
148       semanage boolean can also be used to manipulate the booleans
149
150
151       system-config-selinux is a GUI tool available to customize SELinux pol‐
152       icy settings.
153
154

AUTHOR

156       This manual page was auto-generated using sepolicy manpage .
157
158

SEE ALSO

160       selinux(8),   mozilla_plugin_config(8),   semanage(8),   restorecon(8),
161       chcon(1), sepolicy(8), setsebool(8)
162
163
164
165mozilla_plugin_config              23-02-03   mozilla_plugin_config_selinux(8)
Impressum