Appendix D. SELinux General Types

This appendix includes several tables describing SELinux general types: types that tend to be referenced by multiple domains rather than belonging to a single domain. The types shown in Tables D-1 through D-5 are those present in the Fedora Core 2 implementation of SELinux. SELinux developers may introduce new types or delete existing types in other SELinux releases, so treat these tables as a snapshot of that policy rather than a stable interface.

Table D-1. Device-related types

Type                    Description
----------------------  --------------------------------------------------------------
agp_device_t            AGP video device: /dev/agpgart
apm_bios_t              APM BIOS device
clock_device_t          Hardware clock device: /dev/rtc
console_device_t        Console device: /dev/console
cpu_device_t            CPU device: /dev/cpu/*
devfs_control_t         devfs control node
device_t                Generic device; the default type for entries in /dev
devtty_t                /dev/tty, the process's controlling terminal
dri_device_t            DRI device: /dev/dri, /dev/dri/.*
event_device_t          Input event device: /dev/input/event.*
fixed_disk_device_t     Fixed disk drive
framebuf_device_t       Framebuffer device: /dev/fb[0-9]*
memory_device_t         Memory device: /dev/kmem, /dev/mem, /dev/port, /dev/nvram
misc_device_t           Miscellaneous device (for instance, /dev/sequencer)
mouse_device_t          Mouse device
mtrr_device_t           Memory type range register device: /dev/cpu/mtrr
null_device_t           /dev/null
ppp_device_t            /dev/ppp, /dev/pppox, /dev/ippp
random_device_t         Blocking entropy source: /dev/random
removable_device_t      Device having removable media (for instance, a CD-ROM drive)
scanner_device_t        Scanner device
scsi_generic_device_t   Generic SCSI device: /dev/sg[0-9]+
sound_device_t          Sound device
tape_device_t           Magnetic tape device
tty_device_t            Terminal (tty) device
tun_tap_device_t        Network tunnel or tap device: /dev/net/tun/*, /dev/net/tap/*
urandom_device_t        Nonblocking entropy source: /dev/urandom
v4l_device_t            Video4Linux device (video capture, radio, or tuner)
zero_device_t           /dev/zero


Table D-2. File-related types

Type                    Description
----------------------  --------------------------------------------------------------
at_spool_t              at job files in /var/spool/at
bdev_t                  bdev pseudo-filesystem
bin_t                   Executables in /bin, /usr/bin, and similar directories
boot_runtime_t          Boot configuration files, such as grub.conf
boot_t                  Bootable kernel and RAM disk image files, such as /vmlinuz
catman_t                Preformatted man page (catman) cache files
cifs_t                  Alias for sambafs_t
cron_spool_t            cron spool files in /var/spool/cron
default_t               Default context for files not matched by any other file specification
dosfs_t                 MSDOS, FAT, VFAT, or NTFS filesystem
etc_aliases_t           /etc/aliases and related files
etc_runtime_t           Volatile files in /etc and subdirectories
etc_t                   Nonvolatile files in /etc and subdirectories
eventpollfs_t           eventpoll pseudo-filesystem
faillog_t               /var/log/faillog and related login-failure log files
file_t                  Type of a file that carries no persistent label
fonts_t                 Font files
fs_t                    Default type for filesystems
futexfs_t               futex pseudo-filesystem
home_root_t             Directory containing user home directories (for instance, /home)
iso9660_t               ISO 9660 (CD-ROM) filesystem
krb5_conf_t             /etc/krb5.conf and related Kerberos files
lastlog_t               /var/log/lastlog and related login log files
ld_so_cache_t           /etc/ld.so.cache and related shared library cache files
ld_so_t                 The dynamic linker (for instance, /lib/ld-linux.so.2) and related files
lib_t                   Modules, libraries, and related files in /lib and /usr/lib
locale_t                /usr/share/locale, /usr/share/zoneinfo, and other localization files
lost_found_t            lost+found directories and the files they contain
ls_exec_t               /bin/ls
mail_spool_t            /var/mail, /var/spool/mail, and related files
man_t                   /usr/man, /usr/share/man, and related files
mnt_t                   /mnt and related mount points
mqueue_spool_t          /var/spool/mqueue and related files
net_conf_t              Network configuration files, such as /etc/resolv.conf
nfsd_fs_t               nfsd pseudo-filesystem
poly_t                  Polyinstantiated directory (defined, but not used, in the sample policy)
print_spool_t           /var/spool/lpd, /var/spool/cups, and related files
ramfs_t                 ramfs filesystem
readable_t              Files and directories readable by ordinary users
resolv_conf_t           Alias for net_conf_t
romfs_t                 romfs or cramfs filesystem
root_t                  The root directory, /
rpc_pipefs_t            rpc_pipefs pseudo-filesystem
sambafs_t               Samba (CIFS) filesystem
sbin_t                  /sbin, /usr/sbin, and related files
shadow_t                /etc/shadow and related files
shell_exec_t            Executable shells, such as /bin/bash
shlib_t                 Shared libraries in /lib, /usr/lib, and elsewhere
src_t                   /usr/local/src and related source files
swapfile_t              Swap file
sysfs_t                 sysfs filesystem (/sys)
system_map_t            /boot/System.map and related files
test_file_t             (Defined, but not used, in the sample policy)
tetex_data_t            TeX-related files in /var/spool/texmf, /var/lib/texmf, and elsewhere
tmpfs_t                 tmpfs filesystem
tmp_t                   User-created files in /tmp and elsewhere
udev_runtime_t          udev runtime table file
unlabeled_t             Object whose label is missing or invalid
usbdevfs_t              usbdevfs (older USB device) filesystem
usbfs_t                 usbfs filesystem
usr_t                   /usr, /opt, and related files
var_lib_nfs_t           /var/lib/nfs and related files
var_lib_t               /var/lib and related files
var_lock_t              /var/lock and related files
var_log_ksyms_t         /var/log/ksyms and related files
var_log_t               /var/log/dmesg, /var/log/syslog, and related log files
var_run_t               /var/run and related files
var_spool_t             /var/spool and related files
var_t                   /var and related files
var_yp_t                /var/yp and related NIS files
wtmp_t                  /var/log/wtmp and related files


The descriptions given in Table D-2 are abbreviated. Each type is applied through the policy's file_contexts specifications, which commonly cover many more files than the concise description names; conversely, a more specific specification (such as wtmp_t for /var/log/wtmp) overrides the general type of the directory that contains it (var_log_t).
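To see how a path actually receives one of these types, here is an added example (not code from the book or from the SELinux policy) that parses a constructed file_contexts fragment built from paths in Tables D-1 and D-2 and resolves a path the way setfiles and matchpathcon of that era did: every entry whose regular expression matches the whole path is a candidate, the optional file-type flag (-- regular file, -d directory, -c character device, -b block device, -l symlink, -s socket, -p FIFO) filters the candidates, and the last matching entry wins, which is why the sample is ordered general to specific. The regular expressions are assumptions chosen for the example rather than copies of the Fedora Core 2 policy, and the function names are the example's own.

```python
"""Resolve a path to its SELinux file type from file_contexts-style
specifications. Added example; not the book's or the policy's own code."""
import re
from dataclasses import dataclass
from typing import List, Optional

# File-type flags recognised in file_contexts entries; an entry with no flag
# applies to objects of any type.
FILTERS = {"--": "file", "-d": "dir", "-c": "chr", "-b": "blk",
           "-l": "lnk", "-s": "sock", "-p": "fifo"}

# Constructed sample in file_contexts syntax (regex, optional flag, context).
# Paths and types come from Tables D-1 and D-2; the regexes are an assumption
# for this example, not copied from the Fedora Core 2 policy. Entries run
# from general to specific because the last matching entry wins.
SAMPLE_FILE_CONTEXTS = r"""
/.*                            system_u:object_r:default_t
/                        -d    system_u:object_r:root_t
/dev(/.*)?                     system_u:object_r:device_t
/dev/null                -c    system_u:object_r:null_device_t
/dev/zero                -c    system_u:object_r:zero_device_t
/dev/random              -c    system_u:object_r:random_device_t
/dev/urandom             -c    system_u:object_r:urandom_device_t
/dev/(kmem|mem|port|nvram) -c  system_u:object_r:memory_device_t
/dev/fb[0-9]*            -c    system_u:object_r:framebuf_device_t
/dev/sg[0-9]+            -c    system_u:object_r:scsi_generic_device_t
/etc(/.*)?                     system_u:object_r:etc_t
/etc/shadow.*            --    system_u:object_r:shadow_t
/etc/resolv\.conf        --    system_u:object_r:net_conf_t
/var(/.*)?                     system_u:object_r:var_t
/var/log(/.*)?                 system_u:object_r:var_log_t
/var/log/wtmp.*          --    system_u:object_r:wtmp_t
/var/log/lastlog         --    system_u:object_r:lastlog_t
/var/spool(/.*)?               system_u:object_r:var_spool_t
/var/spool/mail(/.*)?          system_u:object_r:mail_spool_t
/var/spool/cron(/.*)?          system_u:object_r:cron_spool_t
"""


@dataclass
class Spec:
    regex: re.Pattern
    ftype: Optional[str]   # None means "applies to any object type"
    context: str
    lineno: int


def parse_file_contexts(text: str) -> List[Spec]:
    """Parse file_contexts lines. Regexes are anchored to the whole path
    (fullmatch), as libselinux does. Comments and blank lines are skipped."""
    specs = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        if len(fields) == 3 and fields[1] in FILTERS:
            pattern, ftype, context = fields[0], FILTERS[fields[1]], fields[2]
        elif len(fields) == 2:
            pattern, ftype, context = fields[0], None, fields[1]
        else:
            raise ValueError(f"line {lineno}: malformed entry: {raw!r}")
        if len(context.split(":")) < 3:
            raise ValueError(f"line {lineno}: bad context {context!r}")
        specs.append(Spec(re.compile(pattern), ftype, context, lineno))
    return specs


def label(specs: List[Spec], path: str, ftype: str = "file") -> Optional[str]:
    """Return the type field (user:role:TYPE) of the last entry matching
    both the path and the object type, or None if nothing matches."""
    winner = None
    for spec in specs:
        if spec.ftype is not None and spec.ftype != ftype:
            continue
        if spec.regex.fullmatch(path):
            winner = spec          # later matches override earlier ones
    return None if winner is None else winner.context.split(":")[2]


SPECS = parse_file_contexts(SAMPLE_FILE_CONTEXTS)

if __name__ == "__main__":
    for path, kind in [("/dev/random", "chr"), ("/dev/random", "file"),
                       ("/dev/mem", "chr"), ("/var/log/dmesg", "file"),
                       ("/var/log/wtmp.1", "file"), ("/", "dir")]:
        print(f"{path:<18} {kind:<5} -> {label(SPECS, path, kind)}")
```

The object-type filter is the part worth noticing: a regular file that happens to be named /dev/random resolves to device_t, not random_device_t, so a domain allowed only random_device_t cannot be fed a planted file. On a real system the equivalent checks are matchpathcon for the policy's intended label and ls -Z for the label actually on disk; a mismatch between the two is the usual reason a general type from these tables does not behave as expected.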


Table D-3. Types related to networking

Type                    Description
----------------------  --------------------------------------------------------------
any_socket_t            Obsolete type formerly used for UDP and raw IP sockets
icmp_socket_t           Socket used to send ICMP messages
igmp_packet_t           IGMP packet
netif_eth0_t            Network interface eth0
netif_eth1_t            Network interface eth1
netif_eth2_t            Network interface eth2
netif_ippp0_t           Network interface ippp0
netif_ipsec0_t          Network interface ipsec0
netif_ipsec1_t          Network interface ipsec1
netif_ipsec2_t          Network interface ipsec2
netif_lo_t              Network interface lo
netif_t                 Default type for a network interface
netmsg_eth0_t           Network message arriving on interface eth0
netmsg_eth1_t           Network message arriving on interface eth1
netmsg_eth2_t           Network message arriving on interface eth2
netmsg_ippp0_t          Network message arriving on interface ippp0
netmsg_ipsec0_t         Network message arriving on interface ipsec0
netmsg_ipsec1_t         Network message arriving on interface ipsec1
netmsg_ipsec2_t         Network message arriving on interface ipsec2
netmsg_lo_t             Network message arriving on interface lo
netmsg_t                Default type for a network message arriving on any interface
node_compat_ipv4_t      IPv4-compatible IPv6 address (::/96, for instance ::10.0.0.1)
node_inaddr_any_t       The IPv4 wildcard address INADDR_ANY (0.0.0.0)
node_internal_t         Address of a host on the internal (LAN) network, as listed in the policy's nodecon entries
node_link_local_t       IPv6 link-local address (fe80::/10)
node_lo_t               Loopback address (127.0.0.1 or ::1)
node_mapped_ipv4_t      IPv4-mapped IPv6 address (::ffff:0:0/96)
node_multicast_t        IPv6 multicast address (ff00::/8)
node_site_local_t       IPv6 site-local address (fec0::/10)
node_t                  Default type for a network node (address) matched by no nodecon entry
node_unspec_t           The IPv6 unspecified address (::)
pop_port_t              Post Office Protocol (POP) port
port_t                  Default type for a TCP or UDP port matched by no portcon entry
scmp_packet_t           SCMP (ST Control Message Protocol) packet
tcp_socket_t            TCP socket
xserver_port_t          X server port
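The node_* types above are assigned by nodecon statements (address, mask, context) in the policy's net_contexts file. As an added example, not the book's or the policy's own code, the following parses a constructed set of nodecon entries that matches the descriptions in Table D-3 and classifies an address the way the kernel does when labelling a packet's node: mask the address and take the first entry whose masked address is equal, falling back to node_t. The internal-network ranges are this example's assumption, not the Fedora Core 2 values. Ordering matters: ::1 and :: must precede the ::/96 IPv4-compatible prefix, which would otherwise swallow them.

```python
"""Classify an IP address into an SELinux node_* type from nodecon entries.
Added example; not the book's or the policy's own code."""
import ipaddress
from typing import List, Tuple, Union

IPAddress = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]
NodeEntry = Tuple[IPAddress, IPAddress, str]   # (address, mask, type)

# Constructed nodecon entries in net_contexts syntax. Masks are written as
# addresses, as the policy language requires. The 10/8 and 192.168/16
# internal ranges are an assumption for this example, not the FC2 values.
SAMPLE_NET_CONTEXTS = """
nodecon 127.0.0.1   255.255.255.255 system_u:object_r:node_lo_t
nodecon 0.0.0.0     255.255.255.255 system_u:object_r:node_inaddr_any_t
nodecon 10.0.0.0    255.0.0.0       system_u:object_r:node_internal_t
nodecon 192.168.0.0 255.255.0.0     system_u:object_r:node_internal_t
nodecon ::1         ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff system_u:object_r:node_lo_t
nodecon ::          ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff system_u:object_r:node_unspec_t
nodecon ::ffff:0:0  ffff:ffff:ffff:ffff:ffff:ffff::         system_u:object_r:node_mapped_ipv4_t
nodecon ::          ffff:ffff:ffff:ffff:ffff:ffff::         system_u:object_r:node_compat_ipv4_t
nodecon fe80::      ffc0::                                  system_u:object_r:node_link_local_t
nodecon fec0::      ffc0::                                  system_u:object_r:node_site_local_t
nodecon ff00::      ff00::                                  system_u:object_r:node_multicast_t
"""


def parse_net_contexts(text: str) -> List[NodeEntry]:
    """Parse 'nodecon ADDR MASK CONTEXT' lines, keeping source order, which is
    the match order. Rejects mixed IPv4/IPv6 address-mask pairs."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        if fields[0] != "nodecon" or len(fields) != 4:
            raise ValueError(f"line {lineno}: expected 'nodecon addr mask context'")
        addr = ipaddress.ip_address(fields[1])
        mask = ipaddress.ip_address(fields[2])
        if addr.version != mask.version:
            raise ValueError(f"line {lineno}: address/mask family mismatch")
        entries.append((addr, mask, fields[3].split(":")[2]))
    return entries


def node_type(entries: List[NodeEntry], address: str, default: str = "node_t") -> str:
    """First-match lookup: (addr & mask) == (entry_addr & mask), same family.
    Unmatched addresses get the policy's default node type."""
    addr = ipaddress.ip_address(address)
    for entry_addr, mask, typ in entries:
        if entry_addr.version != addr.version:
            continue
        if (int(addr) & int(mask)) == (int(entry_addr) & int(mask)):
            return typ
    return default


NODES = parse_net_contexts(SAMPLE_NET_CONTEXTS)

if __name__ == "__main__":
    for a in ["127.0.0.1", "10.1.2.3", "8.8.8.8", "::1", "::",
              "::ffff:10.0.0.1", "::10.0.0.1", "fe80::1", "fec0::1",
              "ff02::1", "2001:db8::1"]:
        print(f"{a:<18} -> {node_type(NODES, a)}")
```

The practical consequence for policy writers is that a rule allowing a domain to talk to node_internal_t is only as tight as the nodecon ranges behind it, and that an IPv4-mapped address such as ::ffff:10.0.0.1 reaching an IPv6 socket is labelled node_mapped_ipv4_t, not node_internal_t, even though it names an internal host.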


Table D-4. Types related to /proc

Type                    Description
----------------------  --------------------------------------------------------------
proc_kcore_t            /proc/kcore and related files
proc_kmsg_t             /proc/kmsg and related files
proc_t                  /proc filesystem and related files
sysctl_dev_t            /proc/sys/dev and related files
sysctl_fs_t             /proc/sys/fs and related files
sysctl_hotplug_t        /proc/sys/kernel/hotplug and related files
sysctl_irq_t            /proc/irq and related procfs files
sysctl_kernel_t         /proc/sys/kernel and related files
sysctl_modprobe_t       /proc/sys/kernel/modprobe and related files
sysctl_net_t            /proc/sys/net and related files
sysctl_net_unix_t       /proc/sys/net/unix and related files
sysctl_rpc_t            /proc/net/rpc and related files
sysctl_t                /proc/sys and related files
sysctl_vm_t             /proc/sys/vm and related files


Table D-5. Types related to SELinux

Type                    Description
----------------------  --------------------------------------------------------------
default_context_t       Type of the /etc/security/default_contexts file
file_labels_t           Type of the persistent label mapping stored in a filesystem
no_access_t             Type of objects that should be accessed only administratively
policy_config_t         Type of /etc/security/selinux/* (the installed policy and its configuration)
policy_src_t            Type of the policy source files
security_t              Target type used when checking permissions in the security class; also the type of selinuxfs inodes




SELinux: NSA's Open Source Security Enhanced Linux
ISBN: 0596007167
Year: 2003
Authors: Bill McCarty