Layer: services

Module: cron

Tunables Interfaces Templates

Description:

Periodic execution of scheduled commands.


Tunables:

cron_can_relabel
Default value

false

Description

Allow system cron jobs to relabel filesystem for restoring file contexts.

fcron_crond
Default value

false

Description

Enable extra rules in the cron domain to support fcron.

Return

Interfaces:

cron_admin_role( role , domain )
Summary

Role access for cron

Parameters
Parameter:Description:
role

Role allowed access

domain

User domain for the role

cron_anacron_domtrans_system_job( domain )
Summary

Execute anacron in the cron system domain.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_dontaudit_append_system_job_tmp_files( domain )
Summary

Do not audit attempts to append temporary files from the system cron jobs.

Parameters
Parameter:Description:
domain

Domain to not audit.

cron_dontaudit_write_pipes( domain )
Summary

Do not audit attempts to write cron daemon unnamed pipes.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_read_pipes( domain )
Summary

Read a cron daemon unnamed pipe.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_read_system_job_tmp_files( domain )
Summary

Read temporary files from the system cron jobs.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_role( role , domain )
Summary

Role access for cron

Parameters
Parameter:Description:
role

Role allowed access

domain

User domain for the role

cron_rw_pipes( domain )
Summary

Read and write a cron daemon unnamed pipe.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_rw_system_job_pipes( domain )
Summary

Read and write a system cron job unnamed pipe.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_rw_tcp_sockets( domain )
Summary

Read, and write cron daemon TCP sockets.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_search_spool( domain )
Summary

Search the directory containing user cron tables.

Parameters
Parameter:Description:
domain

The type of the process to performing this action.

cron_sigchld( domain )
Summary

Send a SIGCHLD signal to the cron daemon.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_system_entry( domain , entrypoint )
Summary

Make the specified program domain accessable from the system cron jobs.

Parameters
Parameter:Description:
domain

The type of the process to transition to.

entrypoint

The type of the file used as an entrypoint to this domain.

cron_unconfined_role( role , domain )
Summary

Role access for unconfined cronjobs

Parameters
Parameter:Description:
role

Role allowed access

domain

User domain for the role

cron_use_fds( domain )
Summary

Inherit and use a file descriptor from the cron daemon.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_use_system_job_fds( domain )
Summary

Inherit and use a file descriptor from system cron jobs.

Parameters
Parameter:Description:
domain

Domain allowed access.

cron_write_system_job_pipes( domain )
Summary

Write a system cron job unnamed pipe.

Parameters
Parameter:Description:
domain

Domain allowed access.

crond_search_dir( domain )
Summary

Allow crond to search directories that are home directories for accounts used or parent directories of home directories.

Parameters
Parameter:Description:
domain

Type of directory that crond_t may search.

Return

Templates:

cron_common_crontab_template( userdomain_prefix )
Summary

The common rules for a crontab domain.

Parameters
Parameter:Description:
userdomain_prefix

The prefix of the user domain (e.g., user is the prefix for user_t).

Return