Layer: services

Module: kerberos

Interfaces Templates

Description:

This policy supports:

Servers:

Clients:

Interfaces:

kerberos_524_connect( domain )
Summary

Connect to krb524 service

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
kerberos_admin( domain , role , terminal )
Summary

All of the rules required to administrate an kerberos environment

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
role

The role to be allowed to manage the kerberos domain.

No
terminal

The type of the user terminal.

No
kerberos_domtrans_kpropd( domain )
Summary

Execute a domain transition to run kpropd.

Parameters
Parameter:Description:Optional:
domain

Domain allowed to transition.

No
kerberos_dontaudit_write_config( domain )
Summary

Do not audit attempts to write the kerberos configuration file (/etc/krb5.conf).

Parameters
Parameter:Description:Optional:
domain

Domain to not audit.

No
kerberos_manage_host_rcache( domain )
Summary

Read the kerberos kdc configuration file (/etc/krb5kdc.conf).

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
kerberos_read_config( domain )
Summary

Read the kerberos configuration file (/etc/krb5.conf).

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
kerberos_read_kdc_config( domain )
Summary

Read the kerberos kdc configuration file (/etc/krb5kdc.conf).

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
kerberos_read_keytab( domain )
Summary

Read the kerberos key table.

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
kerberos_rw_config( domain )
Summary

Read and write the kerberos configuration file (/etc/krb5.conf).

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
kerberos_use( domain )
Summary

Use kerberos services

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
Return

Templates:

kerberos_keytab_template( prefix , domain )
Summary

Create a derived type for kerberos keytab

Parameters
Parameter:Description:Optional:
prefix

The prefix to be used for deriving type names.

No
domain

Domain allowed access.

No
Return