Policy for mount.
false
Allow the mount command to mount any directory or file.
Execute mount in the mount domain.
| Parameter: | Description: |
|---|---|
| domain |
Domain allowed to transition. |
Execute mount in the unconfined mount domain.
| Parameter: | Description: |
|---|---|
| domain |
Domain allowed to transition. |
Execute mount in the caller domain.
| Parameter: | Description: |
|---|---|
| domain |
Domain allowed access. |
Read loopback filesystem image files.
| Parameter: | Description: |
|---|---|
| domain |
Domain allowed access. |
Execute mount in the mount domain, and allow the specified role the mount domain, and use the caller's terminal.
| Parameter: | Description: |
|---|---|
| domain |
Domain allowed to transition. |
| role |
Role allowed access. |
Execute mount in the unconfined mount domain, and allow the specified role the unconfined mount domain, and use the caller's terminal.
| Parameter: | Description: |
|---|---|
| domain |
Domain allowed to transition. |
| role |
Role allowed access. |
Allow the mount domain to send nfs requests for mounting network drives
Allow the mount domain to send nfs requests for mounting network drives
This interface has been deprecated as these rules were a side effect of leaked mount file descriptors. This interface has no effect.
| Parameter: | Description: |
|---|---|
| domain |
Domain allowed access. |
Send a generic signal to mount.
| Parameter: | Description: |
|---|---|
| domain |
Domain allowed access. |
Use file descriptors for mount.
| Parameter: | Description: |
|---|---|
| domain |
The type of the process performing this action. |