Layer: services

Module: cron

Tunables Interfaces Templates

Description:

Periodic execution of scheduled commands.


Tunables:

cron_can_relabel
Default value

false

Description

Allow system cron jobs to relabel filesystem for restoring file contexts.

fcron_crond
Default value

false

Description

Enable extra rules in the cron domain to support fcron.

Return

Interfaces:

cron_admin_role( role , domain )
Summary

Role access for cron

Parameters
Parameter:Description:
role

Role allowed access

domain

User domain for the role

cron_anacron_domtrans_system_job( domain )
Summary

Execute anacron in the cron system domain.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_domtrans( domain )
Summary

Execute cron in the cron system domain.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_dontaudit_append_system_job_tmp_files( domain )
Summary

Do not audit attempts to append temporary files from the system cron jobs.

Parameters
Parameter:Description:
domain

Domain to not audit.

cron_dontaudit_rw_tcp_sockets( domain )
Summary

Dontaudit Read, and write cron daemon TCP sockets.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_dontaudit_write_pipes( domain )
Summary

Do not audit attempts to write cron daemon unnamed pipes.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_dontaudit_write_system_job_tmp_files( domain )
Summary

Do not audit attempts to write temporary files from the system cron jobs.

Parameters
Parameter:Description:
domain

Domain to not audit.

cron_exec( domain )
Summary

Execute crond_exec_t

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_initrc_domtrans( domain )
Summary

Execute crond server in the nscd domain.

Parameters
Parameter:Description:
domain

The type of the process performing this action.

cron_manage_pid_files( domain )
Summary

Manage pid files used by cron

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_manage_system_job_lib_files( domain )
Summary

Manage files from the system cron jobs.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_read_pipes( domain )
Summary

Read a cron daemon unnamed pipe.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_read_system_job_lib_files( domain )
Summary

Read temporary files from the system cron jobs.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_read_system_job_tmp_files( domain )
Summary

Read temporary files from the system cron jobs.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_role( role , domain )
Summary

Role access for cron

Parameters
Parameter:Description:
role

Role allowed access

domain

User domain for the role

cron_rw_inherited_user_spool_files( domain )
Summary

Read and write inherited user spool files.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_rw_pipes( domain )
Summary

Read and write a cron daemon unnamed pipe.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_rw_system_job_pipes( domain )
Summary

Read and write a system cron job unnamed pipe.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_rw_system_job_stream_sockets( domain )
Summary

Allow read/write unix stream sockets from the system cron jobs.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_rw_tcp_sockets( domain )
Summary

Read, and write cron daemon TCP sockets.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_search_spool( domain )
Summary

Search the directory containing user cron tables.

Parameters
Parameter:Description:
domain

The type of the process to performing this action.

cron_sigchld( domain )
Summary

Send a SIGCHLD signal to the cron daemon.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_system_entry( domain , entrypoint )
Summary

Make the specified program domain accessable from the system cron jobs.

Parameters
Parameter:Description:
domain

The type of the process to transition to.

entrypoint

The type of the file used as an entrypoint to this domain.

cron_unconfined_role( role , domain )
Summary

Role access for unconfined cronjobs

Parameters
Parameter:Description:
role

Role allowed access

domain

User domain for the role

cron_use_fds( domain )
Summary

Inherit and use a file descriptor from the cron daemon.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_use_system_job_fds( domain )
Summary

Inherit and use a file descriptor from system cron jobs.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_write_system_job_pipes( domain )
Summary

Write a system cron job unnamed pipe.

Parameters
Parameter:Description:
domain

Domain allowed access.

Return

Templates:

cron_common_crontab_template( userdomain_prefix )
Summary

The common rules for a crontab domain.

Parameters
Parameter:Description:
userdomain_prefix

The prefix of the user domain (e.g., user is the prefix for user_t).

Return