Table 2-1 has been reproduced here as Table A-1 for convenient reference. Table A-1 summarizes the object classes defined by the current release of SELinux. The table is organized by object class within object class type. SELinux developers may change the roster of object classes in future releases of SELinux.
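Table A-1. Security object classes

| Object class type | Class | Description |
|---|---|---|
| File classes | blk_file | Block device file |
| File classes | chr_file | Character device file |
| File classes | dir | Directory |
| File classes | fd | File descriptor |
| File classes | fifo_file | FIFO file |
| File classes | file | File |
| File classes | filesystem | Formatted filesystem residing on disk partition |
| File classes | lnk_file | Hard or symbolic link |
| File classes | sock_file | Network socket file |
| Interprocess communication classes | ipc | (Obsolete) |
| Interprocess communication classes | msg | Interprocess communication message within queue |
| Interprocess communication classes | msgq | Interprocess communication queue |
| Interprocess communication classes | sem | Interprocess communication semaphore |
| Interprocess communication classes | shm | Interprocess communication shared memory |
| Network classes | key_socket | IPSec socket |
| Network classes | netif | Network interface |
| Network classes | netlink_socket | Socket used to communicate with kernel via the netlink syscall |
| Network classes | node | TCP/IP network host, as represented by IP address |
| Network classes | packet_socket | Obsolete object type used by Linux 2.0 programs invoking the socket syscall |
| Network classes | rawip_socket | Raw IP socket |
| Network classes | socket | Generic socket |
| Network classes | tcp_socket | TCP socket |
| Network classes | udp_socket | UDP socket |
| Network classes | unix_dgram_socket | Unix-domain datagram socket |
| Network classes | unix_stream_socket | Unix-domain stream socket |
| Object class | passwd | Linux password file |
| System classes | capability | SELinux capability |
| System classes | process | Process |
| System classes | security | Security-related objects, such as the SELinux policy |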