admin | Administrator domain, such as sysadm_t |
auth | Domain that can read /etc/shadow |
auth_chkpwd | Domain that can authenticate users by running unix_chkpwd |
auth_write | Domain that can write or relabel /etc/shadow |
dbus_client_domain | Domain of dbus client |
device_type | Type assigned to device nodes |
domain | Type that can be assigned to a process |
etc_writer | Domain that can write to etc_t |
exec_type | Type assigned to executables that are domain entry points |
file_type | Type assigned to files in persistent filesystems |
fs_domain | Domain that can directly access a fixed disk |
fs_type | Type assigned to filesystems, including nonpersistent filesystems |
gphdomain | Domain derived from gnome-pty-helper |
home_dir_type | Type assigned to the parent directory holding user home directories |
home_type | Type assigned to home directories |
homedirfile | Type of special file in home directory, used to associate mount points with home directories |
lockfile | Type assigned to lock files or directories |
logfile | Type assigned to log files or directories |
login_contexts | Type assigned to files used to define default contexts for login type |
mail_server_domain | Domain that can accept inbound TCP port 25 connection |
mail_server_sender | Domain that can make outbound TCP port 25 connection |
mini_pty_type | pty used for a user_mini_domain |
mlstrustedobject | Type that can be accessed irrespective of MLS restrictions (not used) |
mlstrustedreader | Domain that can override MLS restrictions on reading (not used) |
mlstrustedwriter | Domain that can override MLS restrictions on writing (not used) |
mta_delivery_agent | Mail server domain that can deliver messages |
mta_user_agent | Mail server domain that can read user files and FIFOs and inherit file handles for mail spool |
netif_type | Type assigned to network interfaces |
netmsg_type | Type assigned to packets received on network interfaces |
node_type | Type assigned to network nodes ( hosts ) |
noexattrfile | Type of filesystem not supporting extended attributes |
pidfile | Type assigned to PID files |
port_type | Type assigned to TCP/IP port numbers |
priv_system_role | Domain that can change role from a user role to a system_r role, and user from a user identity to system_u |
privfd | Domain whose file handles can be widely inherited |
privhome | Domain that can act on behalf of a user by creating files under the user's home directory |
privlog | Domain that can communicate with the system logger daemon via its Unix domain socket |
privmail | Domain that can transition to system_mail_t |
privmem | Domain that can access kernel memory |
privmodule | Domain that can run modprobe |
privowner | Domain that can assign a nondefault SELinux user identity to a file, or create a file having an SELinux user identity other than that of the current process |
privrole | Domain that can change the SELinux role identity |
privuser | Domain that can change the SELinux user identity |
ptyfile | Type assigned to ptys |
root_dir_type | Type assigned to filesystem root directories, including those of nonpersistent filesystems |
server_pty | Type of pty created by a server, such as sshd |
socket_type | Type assigned to kernel-created sockets (ordinary sockets are labeled with the type of the creating process) |
sysadmfile | Type assigned to files fully controlled by administrators |
sysctl_kernel_writer | Domain (other than admin Domain) that can write to sysctl_kernel_t |
sysctl_net_writer | Domain that can write to sysctl_net_t |
sysctl_type | Type assigned to a sysctl entry; that is, a configuration item appearing in /proc/sys |
tmpfile | Type assigned to temporary files |
tmpfsfile | Type defined for tmpfs type translations |
ttyfile | Type assigned to ttys |
unpriv_userdomain | Type of nonadministrative users, such as user_t |
user_crond_domain | Type of user crond domain, such as user_crond_t and system_crond_t |
user_home_dir_type | Type of user home directory of unpriv_userdomain user |
user_home_type | Type of nonadministrator home directory |
user_mail_domain | Domain used by sendmail -t |
user_mini_domain | Small Domain used for newrole |
user_tmpfile | Type assigned to temporary files of unpriv_userdomain domain |
usercanread | Type of files that user can read |
userdomain | User domain, such as user_t and sysadm_t |
userpty_type | Type of nonadministrative pty ( devpts ) |
web_client_domain | Domain of web client, such as Netscape and Squid |
xserver_tmpfile | Type assigned to temporary files of user_xserver_t domain |