NetworkManager_dispatcher_sendmail_selinux(8)

1NetworkManager_dSiEsLpiantucxhePro_lsiecnydmNaeitlwN_oesrtekwlMoiarnnkuaMxga(en8ra)_gdeirs_pdaitscphaetrc_hseern_dsmeanidlmail_selinux(8)
2
3
4

NAME

6       NetworkManager_dispatcher_sendmail_selinux  -  Security  Enhanced Linux
7       Policy for the NetworkManager_dispatcher_sendmail processes
8

DESCRIPTION

10       Security-Enhanced Linux secures the  NetworkManager_dispatcher_sendmail
11       processes via flexible mandatory access control.
12
13       The  NetworkManager_dispatcher_sendmail processes execute with the Net‐
14       workManager_dispatcher_sendmail_t SELinux type. You can  check  if  you
15       have  these  processes  running by executing the ps command with the -Z
16       qualifier.
17
18       For example:
19
20       ps -eZ | grep NetworkManager_dispatcher_sendmail_t
21
22
23

ENTRYPOINTS

25       The NetworkManager_dispatcher_sendmail_t SELinux type  can  be  entered
26       via the NetworkManager_dispatcher_sendmail_script_t file type.
27
28       The  default  entrypoint  paths for the NetworkManager_dispatcher_send‐
29       mail_t domain are the following:
30
31       /usr/lib/NetworkManager/dispatcher.d/10-sendmail
32

PROCESS TYPES

34       SELinux defines process types (domains) for each process running on the
35       system
36
37       You can see the context of a process using the -Z option to ps
38
39       Policy  governs  the  access confined processes have to files.  SELinux
40       NetworkManager_dispatcher_sendmail policy  is  very  flexible  allowing
41       users to setup their NetworkManager_dispatcher_sendmail processes in as
42       secure a method as possible.
43
44       The  following  process  types  are  defined  for   NetworkManager_dis‐
45       patcher_sendmail:
46
47       NetworkManager_dispatcher_sendmail_t
48
49       Note:  semanage  permissive -a NetworkManager_dispatcher_sendmail_t can
50       be used to make the process  type  NetworkManager_dispatcher_sendmail_t
51       permissive.  SELinux  does not deny access to permissive process types,
52       but the AVC (SELinux denials) messages are still generated.
53
54

BOOLEANS

56       SELinux policy is customizable based on least  access  required.   Net‐
57       workManager_dispatcher_sendmail  policy  is  extremely flexible and has
58       several booleans that allow you to manipulate the policy and  run  Net‐
59       workManager_dispatcher_sendmail with the tightest access possible.
60
61
62
63       If you want to allow all domains to execute in fips_mode, you must turn
64       on the fips_mode boolean. Enabled by default.
65
66       setsebool -P fips_mode 1
67
68
69

MANAGED FILES

71       The SELinux process type NetworkManager_dispatcher_sendmail_t can  man‐
72       age  files labeled with the following file types.  The paths listed are
73       the default paths for these file types.  Note the processes  UID  still
74       need to have DAC permissions.
75
76       systemd_passwd_var_run_t
77
78            /var/run/systemd/ask-password(/.*)?
79            /var/run/systemd/ask-password-block(/.*)?
80
81

FILE CONTEXTS

83       SELinux requires files to have an extended attribute to define the file
84       type.
85
86       You can see the context of a file using the -Z option to ls
87
88       Policy governs the access  confined  processes  have  to  these  files.
89       SELinux  NetworkManager_dispatcher_sendmail policy is very flexible al‐
90       lowing users to  setup  their  NetworkManager_dispatcher_sendmail  pro‐
91       cesses in as secure a method as possible.
92
93       STANDARD FILE CONTEXT
94
95       SELinux  defines  the  file  context  types for the NetworkManager_dis‐
96       patcher_sendmail, if you wanted to store files with these  types  in  a
97       different  paths,  you  need to execute the semanage command to specify
98       alternate labeling and then use restorecon to put the labels on disk.
99
100       semanage  fcontext  -a  -t  NetworkManager_dispatcher_sendmail_script_t
101       '/srv/NetworkManager_dispatcher_sendmail/content(/.*)?'
102       restorecon -R -v /srv/myNetworkManager_dispatcher_sendmail_content
103
104       Note:  SELinux  often  uses  regular expressions to specify labels that
105       match multiple files.
106
107       The  following  file  types   are   defined   for   NetworkManager_dis‐
108       patcher_sendmail:
109
110
111
112       NetworkManager_dispatcher_sendmail_script_t
113
114       -  Set files with the NetworkManager_dispatcher_sendmail_script_t type,
115       if you want to treat the files as  NetworkManager  dispatcher  sendmail
116       script data.
117
118
119
120       Note:  File context can be temporarily modified with the chcon command.
121       If you want to permanently change the file context you need to use  the
122       semanage fcontext command.  This will modify the SELinux labeling data‐
123       base.  You will need to use restorecon to apply the labels.
124
125

COMMANDS

127       semanage fcontext can also be used to manipulate default  file  context
128       mappings.
129
130       semanage  permissive  can  also  be used to manipulate whether or not a
131       process type is permissive.
132
133       semanage module can also be used to enable/disable/install/remove  pol‐
134       icy modules.
135
136       semanage boolean can also be used to manipulate the booleans
137
138
139       system-config-selinux is a GUI tool available to customize SELinux pol‐
140       icy settings.
141
142

AUTHOR

144       This manual page was auto-generated using sepolicy manpage .
145
146