15.2. Types

The main permission control method used in SELinux targeted policy to provide advanced process isolation is Type Enforcement. All files and processes are labeled with a type: types define a SELinux domain for processes and a SELinux type for files. SELinux policy rules define how types access each other, whether it be a domain accessing a type, or a domain accessing another domain. Access is only allowed if a specific SELinux policy rule exists that allows it.
The following types are used with Red Hat Gluster Storage. Different types allow you to configure flexible access:

Process types

The Gluster processes are associated with the glusterd_t SELinux type.

Types on executables

The SELinux-specific script type context for the Gluster init script files.
The SELinux-specific executable type context for the Gluster executable files.

Port Types

This type is defined for glusterd. By default, glusterd uses TCP ports 24007-24027 and 38465-38469.

File Contexts

This type is used for files treated as glusterd brick data.
This type is associated with the glusterd configuration data, usually stored in the /etc/ directory.
Files with this type are treated as glusterd log data, usually stored under the /var/log/ directory.
This type is used for storing the glusterd temporary files in the /tmp/ directory.
This type allows storing the glusterd files in the /var/lib/ directory.
This type allows storing the glusterd files in the /run/ or /var/run/ directory.
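
A check for the process-type statement above, as an added example that is not part of the Red Hat documentation: it reads `ps -eo label,pid,comm` output and reports any process whose command name starts with gluster but whose domain is not glusterd_t. The function names, the sample listing and its PIDs are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the SELinux domain of Gluster processes.
# Input format: output of `ps -eo label,pid,comm` (context, PID, command name).

# Print "pid comm domain" for each gluster* process that is not in glusterd_t.
# Exit status: 0 if every Gluster process is in glusterd_t, 1 otherwise.
audit_gluster_domains() {
    awk -v want="glusterd_t" '
        NR == 1 && $1 == "LABEL" { next }     # skip the ps header line
        $3 ~ /^gluster/ {
            # A context is user:role:type[:level]; the type is the third part.
            n = split($1, ctx, ":")
            domain = (n >= 3) ? ctx[3] : "unlabeled"
            if (domain != want) {
                print $2, $3, domain
                bad = 1
            }
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample listing (not captured from a real host). The third
# Gluster process runs outside glusterd_t, so Type Enforcement rules written
# for glusterd_t do not govern it.
sample_ps_output() {
    cat <<'EOF'
LABEL                                       PID COMMAND
system_u:system_r:glusterd_t:s0            1201 glusterd
system_u:system_r:glusterd_t:s0            1342 glusterfsd
system_u:system_r:unconfined_service_t:s0  1377 glusterfs
system_u:system_r:sshd_t:s0-s0:c0.c1023    1410 sshd
EOF
}

# Run against the sample; on a live host use:
#   ps -eo label,pid,comm | audit_gluster_domains
sample_ps_output | audit_gluster_domains ||
    echo "Gluster process running outside glusterd_t" >&2
```
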