selinux-policy/policy/modules/admin/anaconda.te


policy_module(anaconda,1.2.1)

########################################
#
# Declarations
#

type anaconda_t;
type anaconda_exec_t;
domain_type(anaconda_t)
domain_obj_id_change_exemption(anaconda_t)
role system_r types anaconda_t;

########################################
#
# Local policy
#

allow anaconda_t self:process execmem;

kernel_domtrans_to(anaconda_t,anaconda_exec_t)

# Run other rc scripts in the anaconda_t domain.
init_domtrans_script(anaconda_t)

libs_domtrans_ldconfig(anaconda_t)

logging_send_syslog_msg(anaconda_t)

modutils_domtrans_insmod(anaconda_t)

seutil_domtrans_semanage(anaconda_t)

unconfined_domain(anaconda_t)

unprivuser_home_dir_filetrans_home_content(anaconda_t,{ dir file lnk_file fifo_file sock_file })

optional_policy(`
	dmesg_domtrans(anaconda_t)
')

optional_policy(`
	kudzu_domtrans(anaconda_t)
')

optional_policy(`
	rpm_domtrans(anaconda_t)
	rpm_domtrans_script(anaconda_t)
')

optional_policy(`
	ssh_domtrans_keygen(anaconda_t)
')

optional_policy(`
	udev_domtrans(anaconda_t)
')

optional_policy(`
	usermanage_domtrans_admin_passwd(anaconda_t)
')
add anaconda 2005-09-23 22:15:04 +00:00
trunk: Move user roles into individual modules. 2008-04-29 13:58:34 +00:00			`policy_module(anaconda,1.2.1)`
add anaconda 2005-09-23 22:15:04 +00:00
			`########################################`
			`#`
			`# Declarations`
			`#`

			`type anaconda_t;`
patch from dan Wed, 23 Aug 2006 14:03:49 -0400 2006-08-29 02:41:00 +00:00			`type anaconda_exec_t;`
add anaconda 2005-09-23 22:15:04 +00:00			`domain_type(anaconda_t)`
another slew of renaming 2006-02-02 21:08:12 +00:00			`domain_obj_id_change_exemption(anaconda_t)`
add anaconda 2005-09-23 22:15:04 +00:00			`role system_r types anaconda_t;`

			`########################################`
			`#`
			`# Local policy`
			`#`

patch from dan Wed, 23 Aug 2006 14:03:49 -0400 2006-08-29 02:41:00 +00:00			`allow anaconda_t self:process execmem;`

			`kernel_domtrans_to(anaconda_t,anaconda_exec_t)`

add anaconda 2005-09-23 22:15:04 +00:00			`# Run other rc scripts in the anaconda_t domain.`
			`init_domtrans_script(anaconda_t)`

			`libs_domtrans_ldconfig(anaconda_t)`

			`logging_send_syslog_msg(anaconda_t)`

			`modutils_domtrans_insmod(anaconda_t)`

patch from dan Wed, 23 Aug 2006 14:03:49 -0400 2006-08-29 02:41:00 +00:00			`seutil_domtrans_semanage(anaconda_t)`

patch from dan Wed, 01 Feb 2006 08:33:30 -0500 2006-02-06 22:47:46 +00:00			`unconfined_domain(anaconda_t)`
add anaconda 2005-09-23 22:15:04 +00:00
trunk: Move user roles into individual modules. 2008-04-29 13:58:34 +00:00			`unprivuser_home_dir_filetrans_home_content(anaconda_t,{ dir file lnk_file fifo_file sock_file })`
patch from dan Wed, 23 Aug 2006 14:03:49 -0400 2006-08-29 02:41:00 +00:00
deprecate module name as first parameter of optional_policy() 2006-03-24 16:13:54 +00:00			optional_policy(`
add anaconda 2005-09-23 22:15:04 +00:00			`dmesg_domtrans(anaconda_t)`
			`')`

deprecate module name as first parameter of optional_policy() 2006-03-24 16:13:54 +00:00			optional_policy(`
pile of sediff fixes 2005-11-08 22:00:30 +00:00			`kudzu_domtrans(anaconda_t)`
			`')`

deprecate module name as first parameter of optional_policy() 2006-03-24 16:13:54 +00:00			optional_policy(`
add anaconda 2005-09-23 22:15:04 +00:00			`rpm_domtrans(anaconda_t)`
patch from dan Wed, 23 Aug 2006 14:03:49 -0400 2006-08-29 02:41:00 +00:00			`rpm_domtrans_script(anaconda_t)`
add anaconda 2005-09-23 22:15:04 +00:00			`')`

patch from dan Thu, 31 Aug 2006 15:16:30 -0400 2006-09-01 15:52:05 +00:00			optional_policy(`
			`ssh_domtrans_keygen(anaconda_t)`
			`')`

deprecate module name as first parameter of optional_policy() 2006-03-24 16:13:54 +00:00			optional_policy(`
add anaconda 2005-09-23 22:15:04 +00:00			`udev_domtrans(anaconda_t)`
			`')`

deprecate module name as first parameter of optional_policy() 2006-03-24 16:13:54 +00:00			optional_policy(`
add anaconda 2005-09-23 22:15:04 +00:00			`usermanage_domtrans_admin_passwd(anaconda_t)`
			`')`