2008-05-26 17:48:56 +00:00
|
|
|
## <summary>Service for reporting kernel oopses to kerneloops.org</summary>
|
2008-05-26 17:47:49 +00:00
|
|
|
|
|
|
|
########################################
|
|
|
|
## <summary>
|
|
|
|
## Execute a domain transition to run kerneloops.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 09:48:51 +00:00
|
|
|
## <summary>
|
2008-05-26 17:47:49 +00:00
|
|
|
## Domain allowed to transition.
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 09:48:51 +00:00
|
|
|
## </summary>
|
2008-05-26 17:47:49 +00:00
|
|
|
## </param>
|
|
|
|
#
|
|
|
|
interface(`kerneloops_domtrans',`
|
|
|
|
gen_require(`
|
2010-09-20 10:09:09 +00:00
|
|
|
type kerneloops_t, kerneloops_exec_t;
|
2008-05-26 17:47:49 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
domtrans_pattern($1, kerneloops_exec_t, kerneloops_t)
|
|
|
|
')
|
|
|
|
|
|
|
|
########################################
|
|
|
|
## <summary>
|
|
|
|
## Send and receive messages from
|
|
|
|
## kerneloops over dbus.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
|
|
|
interface(`kerneloops_dbus_chat',`
|
|
|
|
gen_require(`
|
|
|
|
type kerneloops_t;
|
|
|
|
class dbus send_msg;
|
|
|
|
')
|
|
|
|
|
|
|
|
allow $1 kerneloops_t:dbus send_msg;
|
|
|
|
allow kerneloops_t $1:dbus send_msg;
|
|
|
|
')
|
|
|
|
|
|
|
|
########################################
|
|
|
|
## <summary>
|
|
|
|
## dontaudit attempts to Send and receive messages from
|
|
|
|
## kerneloops over dbus.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
2010-08-05 13:03:19 +00:00
|
|
|
## Domain to not audit.
|
2008-05-26 17:47:49 +00:00
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
|
|
|
interface(`kerneloops_dontaudit_dbus_chat',`
|
|
|
|
gen_require(`
|
|
|
|
type kerneloops_t;
|
|
|
|
class dbus send_msg;
|
|
|
|
')
|
|
|
|
|
|
|
|
dontaudit $1 kerneloops_t:dbus send_msg;
|
|
|
|
dontaudit kerneloops_t $1:dbus send_msg;
|
|
|
|
')
|
|
|
|
|
2009-06-30 19:27:21 +00:00
|
|
|
########################################
|
|
|
|
## <summary>
|
|
|
|
## Allow domain to manage kerneloops tmp files
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
2010-08-05 13:03:19 +00:00
|
|
|
## Domain allowed access.
|
2009-06-30 19:27:21 +00:00
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
|
|
|
interface(`kerneloops_manage_tmp_files',`
|
|
|
|
gen_require(`
|
|
|
|
type kerneloops_tmp_t;
|
|
|
|
')
|
|
|
|
|
|
|
|
manage_files_pattern($1, kerneloops_tmp_t, kerneloops_tmp_t)
|
|
|
|
files_search_tmp($1)
|
|
|
|
')
|
|
|
|
|
2008-05-26 17:47:49 +00:00
|
|
|
########################################
|
|
|
|
## <summary>
|
|
|
|
## All of the rules required to administrate
|
|
|
|
## an kerneloops environment
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
2008-10-13 15:06:23 +00:00
|
|
|
## <param name="role">
|
|
|
|
## <summary>
|
|
|
|
## The role to be allowed to manage the kerneloops domain.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
2008-05-26 17:47:49 +00:00
|
|
|
## <rolecap/>
|
|
|
|
#
|
|
|
|
interface(`kerneloops_admin',`
|
|
|
|
gen_require(`
|
2010-09-20 10:09:09 +00:00
|
|
|
type kerneloops_t, kerneloops_initrc_exec_t, kerneloops_tmp_t;
|
2008-05-26 17:47:49 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
allow $1 kerneloops_t:process { ptrace signal_perms };
|
|
|
|
ps_process_pattern($1, kerneloops_t)
|
2008-10-13 15:06:23 +00:00
|
|
|
|
|
|
|
init_labeled_script_domtrans($1, kerneloops_initrc_exec_t)
|
|
|
|
domain_system_change_exemption($1)
|
|
|
|
role_transition $2 kerneloops_initrc_exec_t system_r;
|
|
|
|
allow $2 system_r;
|
2009-06-30 19:27:21 +00:00
|
|
|
|
2010-09-20 09:59:51 +00:00
|
|
|
files_search_tmp($1)
|
2009-06-30 19:27:21 +00:00
|
|
|
admin_pattern($1, kerneloops_tmp_t)
|
2008-05-26 17:47:49 +00:00
|
|
|
')
|