Crate selinux

Source

Re-exports§

pub use security_server::SecurityServer;
pub use policy::ClassId;

Modules§

permission_check
policy
security_server

Structs§

FileSystemLabel
FileSystemMountOptions: SELinux security context-related filesystem mount options. These options are documented in the context=context, fscontext=context, defcontext=context, and rootcontext=context section of the mount(8) manpage.
FileSystemMountSids
NullessByteStr: A borrowed byte slice that contains no NUL characters by truncating the input slice at the first NUL (if any) upon construction.
SeLinuxStatus: Status information parameter for the SeLinuxStatusPublisher interface.
SecurityId: Identifies a Security Context.
TaskAttrs: The SELinux security structure for ThreadGroup.

Enums§

AnonFsNodePermission: Allow callers to use the kernel class & permission definitions.
BinderPermission: Allow callers to use the kernel class & permission definitions.
BlockFilePermission: Allow callers to use the kernel class & permission definitions.
BpfPermission: Allow callers to use the kernel class & permission definitions.
Cap2Class: Allow callers to use the kernel class & permission definitions. Covers the set of classes that inherit from the common “cap2” symbol (e.g. “capability2” for now and “cap2_userns” after Starnix gains user namespacing support).
CapClass: Allow callers to use the kernel class & permission definitions. Covers the set of classes that inherit from the common “cap” symbol (e.g. “capability” for now and “cap_userns” after Starnix gains user namespacing support).
Capability2Permission: Allow callers to use the kernel class & permission definitions. Permissions for the kernel “capability” class.
CapabilityPermission: Allow callers to use the kernel class & permission definitions.
CharacterFilePermission: Allow callers to use the kernel class & permission definitions.
CommonCap2Permission: Allow callers to use the kernel class & permission definitions. Common symbol inherited by “capability2” and “capuser2” classes.
CommonCapPermission: Allow callers to use the kernel class & permission definitions.
CommonFilePermission: Allow callers to use the kernel class & permission definitions.
CommonFsNodePermission: Allow callers to use the kernel class & permission definitions.
CommonSocketPermission: Allow callers to use the kernel class & permission definitions.
DirPermission: Allow callers to use the kernel class & permission definitions.
FdPermission: Allow callers to use the kernel class & permission definitions.
FifoFilePermission: Allow callers to use the kernel class & permission definitions.
FileClass: Allow callers to use the kernel class & permission definitions. A well-known file-like class in SELinux policy that has a particular meaning in policy enforcement hooks.
FilePermission: Allow callers to use the kernel class & permission definitions.
FileSystemLabelingScheme
FileSystemPermission: Allow callers to use the kernel class & permission definitions.
FsNodeClass: Allow callers to use the kernel class & permission definitions. Container for a security class that could be associated with a [crate::vfs::FsNode], to allow permissions common to both file-like and socket-like classes to be generated easily by hooks.
IcmpSocketPermission: Allow callers to use the kernel class & permission definitions.
InitialSid: Initial Security Identifier (SID) values actually used by this implementation. These must be present in the policy, for it to be valid.
KernelClass: Allow callers to use the kernel class & permission definitions. A well-known class in SELinux policy that has a particular meaning in policy enforcement hooks.
KernelPermission: Allow callers to use the kernel class & permission definitions. A well-known (class, permission) pair in SELinux policy that has a particular meaning in policy enforcement hooks.
KeySocketPermission: Allow callers to use the kernel class & permission definitions.
LinkFilePermission: Allow callers to use the kernel class & permission definitions.
MemFdFilePermission: Allow callers to use the kernel class & permission definitions.
NetlinkAuditSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkConnectorSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkCryptoSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkDnrtSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkFibLookupSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkFirewallSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkGenericSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkIp6FwSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkIscsiSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkKobjectUeventSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkNetfilterSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkNflogSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkRdmaSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkRouteSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkScsitransportSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkSelinuxSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkTcpDiagSocketPermission: Allow callers to use the kernel class & permission definitions.
NetlinkXfrmSocketPermission: Allow callers to use the kernel class & permission definitions.
ObjectClass: Identifies a specific class by its policy-defined Id, or as a kernel object class enum Id.
PacketSocketPermission: Allow callers to use the kernel class & permission definitions.
PerfEventPermission: Allow callers to use the kernel class & permission definitions.
PolicyCap: Reference policy capability Ids.
Process2Permission: Allow callers to use the kernel class & permission definitions.
ProcessPermission: Allow callers to use the kernel class & permission definitions.
QipcrtrSocketPermission: Allow callers to use the kernel class & permission definitions.
RawIpSocketPermission: Allow callers to use the kernel class & permission definitions.
ReferenceInitialSid: Initial Security Identifier (SID) values defined by the SELinux Reference Policy. Where the SELinux Reference Policy retains definitions for some deprecated initial SIDs, this enum omits deprecated entries for clarity.
SctpSocketPermission: Allow callers to use the kernel class & permission definitions.
SecurityPermission: Allow callers to use the kernel class & permission definitions.
SockFilePermission: Allow callers to use the kernel class & permission definitions.
SocketClass: Allow callers to use the kernel class & permission definitions. Distinguishes socket-like kernel object classes defined in SELinux policy.
SocketPermission: Allow callers to use the kernel class & permission definitions.
SystemPermission: Allow callers to use the kernel class & permission definitions.
TcpSocketPermission: Allow callers to use the kernel class & permission definitions.
TunSocketPermission: Allow callers to use the kernel class & permission definitions.
UdpSocketPermission: Allow callers to use the kernel class & permission definitions.
UnixDgramSocketPermission: Allow callers to use the kernel class & permission definitions.
UnixStreamSocketPermission: Allow callers to use the kernel class & permission definitions.
VsockSocketPermission: Allow callers to use the kernel class & permission definitions.

Traits§

ClassPermission: Allow callers to use the kernel class & permission definitions.
ForClass: Allow callers to use the kernel class & permission definitions.
SeLinuxStatusPublisher: Interface for security server to interact with selinuxfs status file.

Crate selinux

Crate selinux Copy item path

Re-exports§

Modules§

Structs§

Enums§

Traits§

Crate selinux