blob: dbc5c2ea3e230647da4b4c865393f30b6609bf72 [file] [log] [blame]
.TH "securetty_types" "5" "28-Nov-2011" "Security Enhanced Linux" "SELinux configuration"
.SH "NAME"
securetty_types \- The SELinux secure tty type configuration file
.
.SH "DESCRIPTION"
The
.I securetty_types
file contains a list of types associated to secure tty type that are defined in the policy for use by SELinux-aware applications.
.sp
.BR selinux_securetty_types_path "(3) "
will return the active policy path to this file. The default securetty types file is:
.RS
.I /etc/selinux/{SELINUXTYPE}/contexts/securetty_types
.RE
.sp
Where \fI{SELINUXTYPE}\fR is the entry from the selinux configuration file \fIconfig\fR (see \fBselinux_config\fR(5)).
.sp
.BR selinux_check_securetty_context "(3) reads this file to determine if a context is for a secure tty defined in the active policy. "
.sp
SELinux-aware applications such as
.BR newrole "(1) use this information to check the status of a tty. "
.
.SH "FILE FORMAT"
Each line in the file consists of the following entry:
.sp
.RS
.I type
.RS
One or more type entries that are defined in the policy for secure tty devices.
.RE
.RE
.
.SH "EXAMPLE"
# ./contexts/securetty_types
.br
sysadm_tty_device_t
.br
user_tty_device_t
.br
staff_tty_device_t
.
.SH "SEE ALSO"
.ad l
.nh
.BR selinux "(8), " selinux_securetty_types_path "(3), " newrole "(1), " selinux_check_securetty_context "(3), " selinux_config "(5) "