NetworkManager_dispatcher_dhclient_selinux(8)

1NetworkManager_dSiEsLpiantucxhePro_ldihccyliNeenttwN_oesrtekwlMoiarnnkuaMxga(en8ra)_gdeirs_pdaitscphaetrc_hdehrc_ldihecnltient_selinux(8)
2
3
4

NAME

6       NetworkManager_dispatcher_dhclient_selinux  -  Security  Enhanced Linux
7       Policy for the NetworkManager_dispatcher_dhclient processes
8

DESCRIPTION

10       Security-Enhanced Linux secures the  NetworkManager_dispatcher_dhclient
11       processes via flexible mandatory access control.
12
13       The  NetworkManager_dispatcher_dhclient processes execute with the Net‐
14       workManager_dispatcher_dhclient_t SELinux type. You can  check  if  you
15       have  these  processes  running by executing the ps command with the -Z
16       qualifier.
17
18       For example:
19
20       ps -eZ | grep NetworkManager_dispatcher_dhclient_t
21
22
23

ENTRYPOINTS

25       The NetworkManager_dispatcher_dhclient_t SELinux type  can  be  entered
26       via the NetworkManager_dispatcher_dhclient_script_t file type.
27
28       The    default    entrypoint    paths   for   the   NetworkManager_dis‐
29       patcher_dhclient_t domain are the following:
30
31       /etc/NetworkManager/dispatcher.d/11-dhclient,      /usr/lib/NetworkMan‐
32       ager/dispatcher.d/11-dhclient
33

PROCESS TYPES

35       SELinux defines process types (domains) for each process running on the
36       system
37
38       You can see the context of a process using the -Z option to ps
39
40       Policy governs the access confined processes have  to  files.   SELinux
41       NetworkManager_dispatcher_dhclient  policy  is  very  flexible allowing
42       users to setup their NetworkManager_dispatcher_dhclient processes in as
43       secure a method as possible.
44
45       The   following  process  types  are  defined  for  NetworkManager_dis‐
46       patcher_dhclient:
47
48       NetworkManager_dispatcher_dhclient_t
49
50       Note: semanage permissive -a  NetworkManager_dispatcher_dhclient_t  can
51       be  used  to make the process type NetworkManager_dispatcher_dhclient_t
52       permissive. SELinux does not deny access to permissive  process  types,
53       but the AVC (SELinux denials) messages are still generated.
54
55

BOOLEANS

57       SELinux  policy  is  customizable based on least access required.  Net‐
58       workManager_dispatcher_dhclient policy is extremely  flexible  and  has
59       several  booleans  that allow you to manipulate the policy and run Net‐
60       workManager_dispatcher_dhclient with the tightest access possible.
61
62
63
64       If you want to allow all domains to execute in fips_mode, you must turn
65       on the fips_mode boolean. Enabled by default.
66
67       setsebool -P fips_mode 1
68
69
70

FILE CONTEXTS

72       SELinux requires files to have an extended attribute to define the file
73       type.
74
75       You can see the context of a file using the -Z option to ls
76
77       Policy governs the access  confined  processes  have  to  these  files.
78       SELinux  NetworkManager_dispatcher_dhclient policy is very flexible al‐
79       lowing users to  setup  their  NetworkManager_dispatcher_dhclient  pro‐
80       cesses in as secure a method as possible.
81
82       STANDARD FILE CONTEXT
83
84       SELinux  defines  the  file  context  types for the NetworkManager_dis‐
85       patcher_dhclient, if you wanted to store files with these  types  in  a
86       different  paths,  you  need to execute the semanage command to specify
87       alternate labeling and then use restorecon to put the labels on disk.