admin
| Administrator domain, such as sysadm_t |
auth
| Domain that can read /etc/shadow |
auth_chkpwd
| Domain that can authenticate users by running unix_chkpwd |
auth_write
| Domain that can write or relabel /etc/shadow |
dbus_client_domain
| Domain of dbus client |
device_type
| Type assigned to device nodes |
domain
| Type that can be assigned to a process |
etc_writer
| Domain that can write to etc_t |
exec_type
| Type assigned to executables that are domain entry points |
file_type
| Type assigned to files in persistent filesystems |
fs_domain
| Domain that can directly access a fixed disk |
fs_type
| Type assigned to filesystems, including nonpersistent filesystems |
gphdomain
| Domain derived from gnome-pty-helper |
home_dir_type
| Type assigned to the parent directory holding user home directories |
home_type
| Type assigned to home directories |
homedirfile
| Type of special file in home directory, used to associate mount points with home directories |
lockfile
| Type assigned to lock files or directories |
logfile
| Type assigned to log files or directories |
login_contexts
| Type assigned to files used to define default contexts for login type |
mail_server_domain
| Domain that can accept inbound TCP port 25 connection |
mail_server_sender
| Domain that can make outbound TCP port 25 connection |
mini_pty_type
| pty used for a user_mini_domain |
mlstrustedobject
| Type that can be accessed irrespective of MLS restrictions (not used) |
mlstrustedreader
| Domain that can override MLS restrictions on reading (not used) |
mlstrustedwriter
| Domain that can override MLS restrictions on writing (not used) |
mta_delivery_agent
| Mail server domain that can deliver messages |
mta_user_agent
| Mail server domain that can read user files and FIFOs and inherit file handles for mail spool |
netif_type
| Type assigned to network interfaces |
netmsg_type
| Type assigned to packets received on network interfaces |
node_type
| Type assigned to network nodes ( hosts ) |
noexattrfile
| Type of filesystem not supporting extended attributes |
pidfile
| Type assigned to PID files |
port_type
| Type assigned to TCP/IP port numbers |
priv_system_role
| Domain that can change role from a user role to a system_r role, and user from a user identity to system_u |
privfd
| Domain whose file handles can be widely inherited |
privhome
| Domain that can act on behalf of a user by creating files under the user's home directory |
privlog
| Domain that can communicate with the system logger daemon via its Unix domain socket |
privmail
| Domain that can transition to system_mail_t |
privmem
| Domain that can access kernel memory |
privmodule
| Domain that can run modprobe |
privowner
| Domain that can assign a nondefault SELinux user identity to a file, or create a file having an SELinux user identity other than that of the current process |
privrole
| Domain that can change the SELinux role identity |
privuser
| Domain that can change the SELinux user identity |
ptyfile
| Type assigned to ptys |
root_dir_type
| Type assigned to filesystem root directories, including those of nonpersistent filesystems |
server_pty
| Type of pty created by a server, such as sshd |
socket_type
| Type assigned to kernel-created sockets (ordinary sockets are labeled with the type of the creating process) |
sysadmfile
| Type assigned to files fully controlled by administrators |
sysctl_kernel_writer
| Domain (other than admin Domain) that can write to sysctl_kernel_t |
sysctl_net_writer
| Domain that can write to sysctl_net_t |
sysctl_type
| Type assigned to a sysctl entry; that is, a configuration item appearing in /proc/sys |
tmpfile
| Type assigned to temporary files |
tmpfsfile
| Type defined for tmpfs type translations |
ttyfile
| Type assigned to ttys |
unpriv_userdomain
| Type of nonadministrative users, such as user_t |
user_crond_domain
| Type of user crond domain, such as user_crond_t and system_crond_t |
user_home_dir_type
| Type of user home directory of unpriv_userdomain user |
user_home_type
| Type of nonadministrator home directory |
user_mail_domain
| Domain used by sendmail -t |
user_mini_domain
| Small Domain used for newrole |
user_tmpfile
| Type assigned to temporary files of unpriv_userdomain domain |
usercanread
| Type of files that user can read |
userdomain
| User domain, such as user_t and sysadm_t |
userpty_type
| Type of nonadministrative pty ( devpts ) |
web_client_domain
| Domain of web client, such as Netscape and Squid |
xserver_tmpfile
| Type assigned to temporary files of user_xserver_t domain |
