?¡ëPNG  IHDR ? f ??C1 sRGB ??¨¦ gAMA ¡À? ¨¹a pHYs ? ??o¡§d GIDATx^¨ª¨¹L¡±¡Âe¡ÂY?a?("Bh?_¨°???¡é¡ì?q5k?*:t0A-o??£¤]VkJ¡éM??f?¡À8\k2¨ªll¡ê1]q?¨´???T
Warning: file_get_contents(https://raw.githubusercontent.com/Den1xxx/Filemanager/master/languages/ru.json): failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found in /home/user1137782/www/china1.by/classwithtostring.php on line 86

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 213

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 214

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 215

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 216

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 217

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 218
Policy modules for applications GNAT Ada95 compiler Execute the ada program in the ada domain. Domain allowed access. Execute ada in the ada domain, and allow the specified role the ada domain. Domain allowed access. The role to be allowed the ada domain. Tool for non-root processes to bind to reserved ports Use authbind to bind to a reserved port. Domain allowed access. AWStats is a free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically. Read and write awstats unnamed pipes. Domain allowed access. Execute awstats cgi scripts in the caller domain. Domain allowed access.

Determine whether awstats can purge httpd log files.

Squid log analysis Allow domain to read calamaris www files. Domain allowed access. Policy for cdrecord Role access for cdrecord Role allowed access User domain for the role

Allow cdrecord to read various content. nfs, samba, removable devices, user temp and untrusted content files

policy for chrome Execute a domain transition to run chrome_sandbox. Domain allowed to transition. Execute chrome_sandbox in the chrome_sandbox domain, and allow the specified role the chrome_sandbox domain. Domain allowed access The role to be allowed the chrome_sandbox domain. Role access for chrome sandbox Role allowed access User domain for the role Role access for chrome sandbox Role allowed access User domain for the role Dontaudit read/write to a chrome_sandbox leaks Domain to not audit. Command-line CPU frequency settings. Ethereal packet capture tool. Role access for ethereal Role allowed access User domain for the role Run ethereal in ethereal domain. Domain allowed access. Run tethereal in the tethereal domain. Domain allowed access. Execute tethereal in the tethereal domain, and allow the specified role the tethereal domain. Domain allowed access. The role to be allowed the tethereal domain. Evolution email client Role access for evolution Role allowed access User domain for the role Create objects in users evolution home folders. Domain allowed access. Private file type. The object class of the object being created. Connect to evolution unix stream socket. Domain allowed access. Send and receive messages from evolution over dbus. Domain allowed access. Send and receive messages from evolution_alarm over dbus. Domain allowed access. execmem domain Execute the execmem program in the execmem domain. Domain allowed access. Execute a execmem_exec file in the specified domain. Domain allowed access. The type of the new process. Execmod the execmem_exec applications Domain allowed access. policy for firewallgui Send and receive messages from firewallgui over dbus. Domain allowed access. Games Role access for games Role allowed access User domain for the role Allow the specified domain to read/write games data. Domain allowed access. giFT peer to peer file sharing tool Role access for gift Role allowed access User domain for the role Tools for managing and hosting git repositories. Execute a domain transition to run gitosis. Domain allowed to transition. Execute gitosis-serve in the gitosis domain, and allow the specified role the gitosis domain. Domain allowed access Role allowed access. Allow the specified domain to read gitosis lib files. Domain allowed access. Allow the specified domain to manage gitosis lib files. Domain allowed access. GNU network object model environment (GNOME) Role access for gnome Role allowed access User domain for the role gconf connection template. The type of the user domain. Run gconfd in gconfd domain. Domain allowed access. Dontaudit search gnome homedir content (.config) The type of the user domain. manage gnome homedir content (.config) The type of the user domain. Send general signals to all gconf domains. Domain allowed access. Create objects in a Gnome cache home directory with an automatic type transition to a specified private type. Domain allowed access. The type of the object to create. The class of the object to be created. Read generic cache home files (.cache) Domain allowed access. Set attributes of cache home dir (.cache) Domain allowed access. write to generic cache home files (.cache) Domain allowed access. Set attributes of Gnome config dirs. Domain allowed access. Create objects in a Gnome gconf home directory with an automatic type transition to a specified private type. Domain allowed access. The type of the object to create. The class of the object to be created. Read generic data home files. Domain allowed access. Create gconf_home_t objects in the /root directory Domain allowed access. The class of the object to be created. Manage gconf config files Domain allowed access. Execute gconf programs in in the caller domain. Domain allowed access. Read gconf home files Domain allowed access. search gconf homedir (.local) The type of the domain. Append gconf home files Domain allowed access. manage gconf home files Domain allowed access. Connect to gnome over an unix stream socket. Domain allowed access. The type of the user domain. Read/Write all inherited gnome home config Domain allowed access. read gnome homedir content (.config) Domain allowed access. Send and receive messages from gconf system service over dbus. Domain allowed access. Policy for GNU Privacy Guard and related programs. Role access for gpg Role allowed access User domain for the role Transition to a user gpg domain. Domain allowed access. Transition to a gpg web domain. Domain allowed access. Make gpg an entrypoint for the specified domain. The domain for which cifs_t is an entrypoint. Send generic signals to user gpg processes. Domain allowed access. Read and write GPG named pipes. Domain allowed access. Send messages to and from GPG Pinentry over DBUS. Domain allowed access. List Gnu Privacy Guard user content dirs. Domain allowed access.

Allow usage of the gpg-agent --write-env-file option. This also allows gpg-agent to manage user files.

Allow gpg web domain to modify public files used for public file transfer services.

IRC client policy Role access for IRC Role allowed access User domain for the role

Allow the Irssi IRC Client to connect to any port, and to bind to any unreserved port.

Java virtual machine Role access for java Role allowed access User domain for the role Execute java in the java domain, and allow the specified role the java domain. The type of the process performing this action. The role to be allowed the java domain. Execute the java program in the unconfined java domain. Domain allowed access. Execute the java program in the unconfined java domain. Domain allowed access. Role allowed access. Allow read and write access to unconfined java shared memory. Domain allowed access. Execute the java program in the java domain. Domain allowed access.

Allow java executable stack

system-config-kdump policy

Allow s-c-kdump to run bootloader in bootloader_t.

policy for livecd Execute a domain transition to run livecd. Domain allowed to transition. Execute livecd in the livecd domain, and allow the specified role the livecd domain. Domain allowed access The role to be allowed the livecd domain. Dontaudit read/write to a livecd leaks Domain allowed access. Read livecd temporary files. Domain allowed access. Read and write livecd temporary files. Domain allowed access. Allow read and write access to livecd semaphores. Domain allowed access. Load keyboard mappings. Execute the loadkeys program in the loadkeys domain. The type of the process performing this action. Execute the loadkeys program in the loadkeys domain. The type of the process performing this action. The role to allow the loadkeys domain. Execute the loadkeys program in the caller domain. The type of the process performing this action. device locking policy for lockdev Role access for lockdev Role allowed access User domain for the role Mediawiki policy Allow the specified domain to read mediawiki tmp files. Domain allowed access. Delete mediawiki tmp files. Domain allowed access. Run .NET server and client applications on Linux. Execute the mono program in the mono domain. Domain allowed access. Execute mono in the mono domain, and allow the specified role the mono domain. The type of the process performing this action. The role to be allowed the mono domain. Execute the mono program in the caller domain. Domain allowed access. Read and write to mono shared memory. The type of the process performing this action. Policy for Mozilla and related web browsers Role access for mozilla Role allowed access User domain for the role Read mozilla home directory content Domain allowed access. Write mozilla home directory content Domain allowed access. Dontaudit attempts to read/write mozilla home directory content Domain allowed access. Dontaudit attempts to write mozilla home directory content Domain allowed access. Run mozilla in the mozilla domain. Domain allowed access. Send and receive messages from mozilla over dbus. Domain allowed access. Write mozilla home directory content Domain allowed access. Execute mozilla_exec_t in the specified domain.

Execute a mozilla_exec_t in the specified domain.

No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module.

Domain allowed access. The type of the new process. Execute a domain transition to run mozilla_plugin. Domain allowed access. Execute mozilla_plugin in the mozilla_plugin domain, and allow the specified role the mozilla_plugin domain. Domain allowed access The role to be allowed the mozilla_plugin domain. Execute qemu unconfined programs in the role. The role to allow the mozilla_plugin domain. read/write mozilla per user tcp_socket Domain allowed access. Read mozilla_plugin tmpfs files Domain allowed access Delete mozilla_plugin tmpfs files Domain allowed access Dontaudit read/write to a mozilla_plugin leaks Domain to not audit. Execute mozilla home directory content. Domain allowed access.

Control mozilla content access

Mplayer media player and encoder Role access for mplayer Role allowed access User domain for the role Run mplayer in mplayer domain. Domain allowed access. Execute mplayer in the caller domain. Domain allowed access. Read mplayer per user homedir Domain allowed access. Execute mplayer_exec_t in the specified domain.

Execute a mplayer_exec_t in the specified domain.

No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module.

Domain allowed access. The type of the new process.

Allow mplayer executable stack

policy for namespace Execute a domain transition to run namespace_init. Domain allowed access. Execute namespace_init in the namespace_init domain, and allow the specified role the namespace_init domain. Domain allowed access The role to be allowed the namespace_init domain. policy for nsplugin Create, read, write, and delete nsplugin rw files. Domain allowed access. Manage nsplugin rw files. Domain allowed access. The per role template for the nsplugin module.

This template creates a derived domains which are used for nsplugin web browser.

This template is invoked automatically for each user, and generally does not need to be invoked directly by policy writers.

The role associated with the user domain. The type of the user domain. Role access for nsplugin The role associated with the user domain. The type of the user domain. The per role template for the nsplugin module. The type of the user domain. The per role template for the nsplugin module. The type of the user domain. Search nsplugin rw directories. Domain allowed access. Read nsplugin rw files. Domain allowed access. Read nsplugin home files. Domain allowed access. Exec nsplugin rw files. Domain allowed access. Create, read, write, and delete nsplugin home files. Domain allowed access. manage nnsplugin home dirs. Domain allowed access. Allow attempts to read and write to nsplugin named pipes. Domain to not audit. Read and write to nsplugin shared memory. The type of the process performing this action. Allow read and write access to nsplugin semaphores. Domain allowed access. Execute nsplugin_exec_t in the specified domain.

Execute a nsplugin_exec_t in the specified domain.

No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module.

Domain allowed access. The type of the new process. Create objects in a user home directory with an automatic type transition to the nsplugin home file type. Domain allowed access. The class of the object to be created. Create objects in a user home directory with an automatic type transition to the nsplugin home file type. Domain allowed access. The class of the object to be created. Send signull signal to nsplugin processes. Domain allowed access. Send generic signals to user nsplugin processes. Domain allowed access.

Allow nsplugin code to execmem/execstack

Allow nsplugin code to connect to unreserved ports

Openoffice The per role template for the openoffice module. The type of the user domain. role for openoffice

This template creates a derived domains which are used for java applications.

The prefix of the user domain (e.g., user is the prefix for user_t). The role associated with the user domain. The type of the user domain. Execute openoffice_exec_t in the specified domain.

Execute a openoffice_exec_t in the specified domain.

No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module.

Domain allowed access. The type of the new process. Podsleuth is a tool to get information about an Apple (TM) iPod (TM) Execute a domain transition to run podsleuth. Domain allowed to transition. Execute podsleuth in the podsleuth domain, and allow the specified role the podsleuth domain. Domain allowed access The role to be allowed the podsleuth domain. helper function for grantpt(3), changes ownship and permissions of pseudotty Execute a domain transition to run ptchown. Domain allowed to transition. Execute ptchown in the ptchown domain, and allow the specified role the ptchown domain. Domain allowed access. The role to be allowed the ptchown domain. Pulseaudio network sound server. Role access for pulseaudio Role allowed access User domain for the role Execute a domain transition to run pulseaudio. Domain allowed to transition. Execute pulseaudio in the pulseaudio domain, and allow the specified role the pulseaudio domain. Domain allowed access. The role to be allowed the pulseaudio domain. Execute a pulseaudio in the current domain. Domain allowed to transition. dontaudit attempts to execute a pulseaudio in the current domain. Domain allowed to transition. Connect to pulseaudio over a unix domain stream socket. Domain allowed access. Send and receive messages from pulseaudio over dbus. Domain allowed access. Set the attributes of the pulseaudio homedir. Domain allowed access. Read pulseaudio homedir files. Domain allowed access. Read and write Pulse Audio files. Domain allowed access. Create, read, write, and delete pulseaudio home directory files. Domain allowed access. Send signull signal to pulseaudio processes. Domain allowed access. Create, read, write, and delete pulseaudio home directory symlinks. Domain allowed access. QEMU machine emulator and virtualizer Execute a domain transition to run qemu. Domain allowed to transition. Execute a qemu in the callers domain Domain allowed access. Execute qemu in the qemu domain. Domain allowed to transition. The role to allow the qemu domain. Allow the domain to read state files in /proc. Domain to allow access. Set the schedule on qemu. Domain allowed access. Send a signal to qemu. Domain allowed access. Send a sigill to qemu Domain allowed access. Execute qemu_exec_t in the specified domain but do not do it automatically. This is an explicit transition, requiring the caller to use setexeccon().

Execute qemu_exec_t in the specified domain. This allows the specified domain to qemu programs on these filesystems in the specified domain.

Domain allowed access. The type of the new process. Manage qemu temporary dirs. Domain allowed access. Manage qemu temporary files. Domain allowed access. Make qemu_exec_t an entrypoint for the specified domain. The domain for which qemu_exec_t is an entrypoint.

Allow qemu to connect fully to the network

Allow qemu to use cifs/Samba file systems

Allow qemu to user serial/parallel communication ports

Allow qemu to use nfs file systems

Allow qemu to use usb devices

Restricted (scp/sftp) only shell Role access for rssh Role allowed access User domain for the role Transition to all user rssh domains. Domain allowed access. Execute the rssh program in the caller domain. Domain allowed access. Read all users rssh read-only content. Domain allowed access. system-config-samba policy policy for sandbox Execute sandbox in the sandbox domain, and allow the specified role the sandbox domain. Domain allowed access The role to be allowed the sandbox domain. allow domain to read, write sandbox_xserver tmp files Domain allowed access allow domain to read sandbox tmpfs files Domain allowed access allow domain to manage sandbox tmpfs files Domain allowed access Delete sandbox files Domain allowed access Delete sandbox sock files Domain allowed access Allow domain to set the attributes of the sandbox directory. Domain allowed access allow domain to delete sandbox files Domain allowed access allow domain to list sandbox dirs Domain allowed access Read and write a sandbox domain pty. Domain allowed access. GNU terminal multiplexer Execute the rssh program in the caller domain. Domain allowed access. Filesystem namespacing/polyinstantiation application. The role template for the seunshare module. The prefix of the user role (e.g., user is the prefix for user_r). Role allowed access. User domain for the role. Update database for mlocate Create the locate log with append mode. Domain allowed access. Read locate lib files. Domain allowed access. Telepathy framework. Send DBus messages to and from all Telepathy domain. Domain allowed access. Send DBus messages to and from Telepathy Gabble. Domain allowed access. Stream connect to Telepathy Gabble Domain allowed access. Stream connect to telepathy MSN managers Domain allowed access. Stream connect to Telepathy Salut Domain allowed access.

Allow the Telepathy connection managers to connect to any generic TCP port.

Thunderbird email client Role access for thunderbird Role allowed access User domain for the role Run thunderbird in the user thunderbird domain. Domain allowed access. tvtime - a high quality television application Role access for tvtime Role allowed access User domain for the role Policy for UML Role access for uml Role allowed access User domain for the role Set attributes on uml utility socket files. Domain allowed access. Manage uml utility files. Domain allowed access. SELinux utility to run a shell with a new role Search the userhelper configuration directory. Domain allowed access. Do not audit attempts to search the userhelper configuration directory. Domain to not audit. Allow domain to use userhelper file descriptor. Domain allowed access. Allow domain to send sigchld to userhelper. Domain allowed access. Execute the userhelper program in the caller domain. The type of the process performing this action. User network interface configuration helper Execute usernetctl in the usernetctl domain. Domain allowed access. Execute usernetctl in the usernetctl domain, and allow the specified role the usernetctl domain. Domain allowed access. The role to be allowed the usernetctl domain. VMWare Workstation virtual machines Role access for vmware Role allowed access User domain for the role Read VMWare system configuration files. Domain allowed access. Append to VMWare system configuration files. Domain allowed access. Append to VMWare log files. Domain allowed access. Execute vmware host executables Domain allowed access. Web server log analysis Execute webalizer in the webalizer domain. The type of the process performing this action. Execute webalizer in the webalizer domain, and allow the specified role the webalizer domain. The type of the process performing this action. The role to be allowed the webalizer domain. Wine Is Not an Emulator. Run Windows programs in Linux. Execute the wine program in the wine domain. Domain allowed access. Execute wine in the wine domain, and allow the specified role the wine domain. The type of the process performing this action. The role to be allowed the wine domain.

Ignore wine mmap_zero errors

Wireshark packet capture tool. Role access for wireshark Role allowed access User domain for the role Run wireshark in wireshark domain. Domain allowed access. X Window Managers Execute the wm program in the wm domain. Domain allowed access. X Screensaver Role access for xscreensaver Role allowed access User domain for the role Yum/Apt Mirroring Execute yam in the yam domain. Domain allowed access. Execute yam in the yam domain, and allow the specified role the yam domain. Domain allowed access. The role to be allowed the yam domain. Read yam content. Domain allowed access.