22 lines
651 B
Plaintext
22 lines
651 B
Plaintext
|
#DESC readahead - read files in page cache
|
||
|
#
|
||
|
# Author: Dan Walsh (dwalsh@redhat.com)
|
||
|
#
|
||
|
|
||
|
#################################
|
||
|
#
|
||
|
# Declarations for readahead
|
||
|
#
|
||
|
|
||
|
daemon_domain(readahead)
|
||
|
#
|
||
|
# readahead asks for these
|
||
|
#
|
||
|
allow readahead_t { file_type -secure_file_type }:{ file lnk_file } { getattr read };
|
||
|
allow readahead_t { file_type -secure_file_type }:dir r_dir_perms;
|
||
|
dontaudit readahead_t shadow_t:file { getattr read };
|
||
|
allow readahead_t { device_t device_type }:{ lnk_file chr_file blk_file } getattr;
|
||
|
dontaudit readahead_t file_type:sock_file getattr;
|
||
|
allow readahead_t proc_t:file { getattr read };
|
||
|
dontaudit readahead_t device_type:blk_file read;
|