Devpts Types

The devpts.te file contains declarations for types used for the pseudo files related to /dev/pts.

The ptmx_t type is used to control access to the /dev/ptmx pty master multiplex device. The rlogind domain and user domains are allowed to read and write this type. The devpts_t type is the type for the /dev/pts directory. All domains are allowed to read this type. Pty files in /dev/pts are labeled with a type derived from the domain of the creating process. Each domain is granted access to its own ptys. Ptys created by rlogind are labeled with the rlogind_devpts_t type. The login program was modified to relabel the user terminal based on the user's security context. Consequently, ptys are relabeled by login to a derived type, user_devpts_t or sysadm_devpts_t.