selinux-policy/refpolicy/policy/modules/system/corecommands.fc

# Copyright (C) 2005 Tresys Technology, LLC

#
# /bin
#
/bin(/.*)?			system_u:object_r:bin_t
/bin/d?ash		--	system_u:object_r:shell_exec_t
/bin/bash		--	system_u:object_r:shell_exec_t
/bin/bash2		--	system_u:object_r:shell_exec_t
/bin/ls			--	system_u:object_r:ls_exec_t
/bin/sash		--	system_u:object_r:shell_exec_t
/bin/tcsh		--	system_u:object_r:shell_exec_t
/bin/zsh.*		--	system_u:object_r:shell_exec_t

#
# /dev
#
/dev/MAKEDEV		--	system_u:object_r:sbin_t

#
# /etc
#
/etc/hotplug/.*agent	--	system_u:object_r:sbin_t
/etc/hotplug/.*rc	-- 	system_u:object_r:sbin_t

/etc/hotplug/hotplug\.functions -- system_u:object_r:sbin_t

/etc/hotplug\.d/default/default.* system_u:object_r:sbin_t

/etc/netplug\.d(/.*)? 	 	system_u:object_r:sbin_t

ifdef(`targeted_policy', `
/etc/X11/prefdm		--	system_u:object_r:bin_t
')

#
# /sbin
#
/sbin(/.*)?			system_u:object_r:sbin_t
/sbin/insmod_ksymoops_clean --	system_u:object_r:sbin_t

#
# /opt
#
/opt/.*/bin(/.*)?		system_u:object_r:bin_t

/opt/.*/libexec(/.*)?		system_u:object_r:bin_t

/opt/.*/sbin(/.*)?		system_u:object_r:sbin_t

#
# /usr
#
ifdef(`distro_gentoo', `
/usr/.*-.*-linux-gnu/gcc-bin/.*(/.*)?	system_u:object_r:bin_t
')

/usr(/.*)?/Bin(/.*)?		system_u:object_r:bin_t

/usr(/.*)?/bin(/.*)?		system_u:object_r:bin_t

/usr(/.*)?/sbin(/.*)?		system_u:object_r:sbin_t

/usr/lib(64)?/emacsen-common/.*	system_u:object_r:bin_t

/usr/lib(64)?/[^/]*thunderbird[^/]*/thunderbird	-- system_u:object_r:bin_t
/usr/lib(64)?/[^/]*thunderbird[^/]*/thunderbird-bin -- system_u:object_r:bin_t
/usr/lib(64)?/[^/]*thunderbird[^/]*/run-mozilla\.sh -- system_u:object_r:bin_t
/usr/lib(64)?/[^/]*thunderbird[^/]*/mozilla-xremote-client -- system_u:object_r:bin_t

/usr/libexec(/.*)?		system_u:object_r:bin_t

/usr/sbin/sesh		--	system_u:object_r:shell_exec_t

/usr/share/gnucash/finance-quote-check -- system_u:object_r:bin_t
/usr/share/gnucash/finance-quote-helper -- system_u:object_r:bin_t

/usr/share/mc/extfs/.*	--	system_u:object_r:bin_t

#
# /var
#
/var/mailman/bin(/.*)?		system_u:object_r:bin_t

/var/ftp/bin(/.*)?		system_u:object_r:bin_t
/var/ftp/bin/ls		--	system_u:object_r:ls_exec_t
initial commit 2005-05-10 19:51:00 +00:00			`# Copyright (C) 2005 Tresys Technology, LLC`

			`#`
			`# /bin`
			`#`
			`/bin(/.*)? system_u:object_r:bin_t`
			`/bin/d?ash -- system_u:object_r:shell_exec_t`
			`/bin/bash -- system_u:object_r:shell_exec_t`
			`/bin/bash2 -- system_u:object_r:shell_exec_t`
			`/bin/ls -- system_u:object_r:ls_exec_t`
			`/bin/sash -- system_u:object_r:shell_exec_t`
			`/bin/tcsh -- system_u:object_r:shell_exec_t`
			`/bin/zsh.* -- system_u:object_r:shell_exec_t`

			`#`
			`# /dev`
			`#`
			`/dev/MAKEDEV -- system_u:object_r:sbin_t`

			`#`
			`# /etc`
			`#`
			`/etc/hotplug/.*agent -- system_u:object_r:sbin_t`
			`/etc/hotplug/.*rc -- system_u:object_r:sbin_t`

			`/etc/hotplug/hotplug\.functions -- system_u:object_r:sbin_t`

			`/etc/hotplug\.d/default/default.* system_u:object_r:sbin_t`

			`/etc/netplug\.d(/.*)? system_u:object_r:sbin_t`

			ifdef(`targeted_policy', `
			`/etc/X11/prefdm -- system_u:object_r:bin_t`
			`')`

			`#`
			`# /sbin`
			`#`
			`/sbin(/.*)? system_u:object_r:sbin_t`
			`/sbin/insmod_ksymoops_clean -- system_u:object_r:sbin_t`

			`#`
			`# /opt`
			`#`
			`/opt/./bin(/.)? system_u:object_r:bin_t`

			`/opt/./libexec(/.)? system_u:object_r:bin_t`

			`/opt/./sbin(/.)? system_u:object_r:sbin_t`

			`#`
			`# /usr`
			`#`
			ifdef(`distro_gentoo', `
			`/usr/.-.-linux-gnu/gcc-bin/.(/.)? system_u:object_r:bin_t`
			`')`

			`/usr(/.)?/Bin(/.)? system_u:object_r:bin_t`

			`/usr(/.)?/bin(/.)? system_u:object_r:bin_t`

			`/usr(/.)?/sbin(/.)? system_u:object_r:sbin_t`

			`/usr/lib(64)?/emacsen-common/.* system_u:object_r:bin_t`

			`/usr/lib(64)?/[^/]thunderbird[^/]/thunderbird -- system_u:object_r:bin_t`
			`/usr/lib(64)?/[^/]thunderbird[^/]/thunderbird-bin -- system_u:object_r:bin_t`
			`/usr/lib(64)?/[^/]thunderbird[^/]/run-mozilla\.sh -- system_u:object_r:bin_t`
			`/usr/lib(64)?/[^/]thunderbird[^/]/mozilla-xremote-client -- system_u:object_r:bin_t`

			`/usr/libexec(/.*)? system_u:object_r:bin_t`

			`/usr/sbin/sesh -- system_u:object_r:shell_exec_t`

			`/usr/share/gnucash/finance-quote-check -- system_u:object_r:bin_t`
			`/usr/share/gnucash/finance-quote-helper -- system_u:object_r:bin_t`

			`/usr/share/mc/extfs/.* -- system_u:object_r:bin_t`

			`#`
			`# /var`
			`#`
			`/var/mailman/bin(/.*)? system_u:object_r:bin_t`

			`/var/ftp/bin(/.*)? system_u:object_r:bin_t`
			`/var/ftp/bin/ls -- system_u:object_r:ls_exec_t`