SELinux LDAP Module
1.
Structure
Domains
Figure1.1: General LDAP domain overview |
 |
The slapd daemon runs within the slapd_t domain and can only be
transitioned towards through the sysadm_t (general system administrative
domain) or initrc_t (init script launched) domains.
File Types/Labels
The following table lists the file type/labels defined in the ldap
module.
| Type |
Function |
Description |
| slapd_exec_t |
Entrypoint |
Executable entry point for the slapd daemon binaries |
| slapd_etc_t |
Configuration |
Label for OpenLDAP configuration files |
| slapd_cert_t |
Configuration |
Label for certificate keystores used by OpenLDAP |
| slapd_db_t |
Configuration |
Label for the OpenLDAP database files (backend content) |
| slapd_replog_t |
Configuration |
Label for the slurpd replication log location |
| slapd_lock_t |
|
Label for the lock files (runtime) |
| slapd_tmp_t |
|
Label for the temporary files |
| slapd_var_run_t |
|
Label for the runtime variable data |
| slapd_initrc_exec_t |
|
Label for non-Gentoo init script |
The contents of this document, unless otherwise expressly stated, are licensed under the CC-BY-SA-2.5 license. The Gentoo Name and Logo Usage Guidelines apply.
|
