2009-08-05 14:59:21 +00:00
|
|
|
policy_module(ulogd, 1.1.0)
|
2009-04-20 19:03:15 +00:00
|
|
|
|
|
|
|
|
########################################
|
|
|
|
|
#
|
|
|
|
|
# Declarations
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
type ulogd_t;
|
|
|
|
|
type ulogd_exec_t;
|
|
|
|
|
init_daemon_domain(ulogd_t, ulogd_exec_t)
|
|
|
|
|
|
|
|
|
|
# config files
|
|
|
|
|
type ulogd_etc_t;
|
|
|
|
|
files_type(ulogd_etc_t)
|
|
|
|
|
|
|
|
|
|
type ulogd_initrc_exec_t;
|
|
|
|
|
init_script_file(ulogd_initrc_exec_t)
|
|
|
|
|
|
|
|
|
|
# /usr/lib files
|
|
|
|
|
type ulogd_modules_t;
|
|
|
|
|
files_type(ulogd_modules_t)
|
|
|
|
|
|
|
|
|
|
# log files
|
|
|
|
|
type ulogd_var_log_t;
|
|
|
|
|
logging_log_file(ulogd_var_log_t)
|
|
|
|
|
|
|
|
|
|
########################################
|
|
|
|
|
#
|
|
|
|
|
# ulogd local policy
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
allow ulogd_t self:capability net_admin;
|
|
|
|
|
allow ulogd_t self:netlink_nflog_socket create_socket_perms;
|
2010-08-26 13:41:21 +00:00
|
|
|
allow ulogd_t self:netlink_route_socket r_netlink_socket_perms;
|
|
|
|
|
allow ulogd_t self:tcp_socket { create_stream_socket_perms connect };
|
|
|
|
|
allow ulogd_t self:udp_socket create_socket_perms;
|
2009-04-20 19:03:15 +00:00
|
|
|
|
|
|
|
|
# config files
|
|
|
|
|
read_files_pattern(ulogd_t, ulogd_etc_t, ulogd_etc_t)
|
|
|
|
|
|
|
|
|
|
# modules for ulogd
|
|
|
|
|
list_dirs_pattern(ulogd_t, ulogd_modules_t, ulogd_modules_t)
|
|
|
|
|
mmap_files_pattern(ulogd_t, ulogd_modules_t, ulogd_modules_t)
|
|
|
|
|
|
|
|
|
|
# log files
|
|
|
|
|
manage_files_pattern(ulogd_t, ulogd_var_log_t, ulogd_var_log_t)
|
|
|
|
|
logging_log_filetrans(ulogd_t, ulogd_var_log_t, file)
|
|
|
|
|
|
2010-08-26 13:41:21 +00:00
|
|
|
files_read_etc_files(ulogd_t)
|
|
|
|
|
files_read_usr_files(ulogd_t)
|
2009-04-20 19:03:15 +00:00
|
|
|
|
|
|
|
|
miscfiles_read_localization(ulogd_t)
|
2010-08-26 13:41:21 +00:00
|
|
|
|
|
|
|
|
sysnet_dns_name_resolve(ulogd_t)
|
|
|
|
|
|
|
|
|
|
optional_policy(`
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-24 07:17:22 +00:00
|
|
|
mysql_stream_connect(ulogd_t)
|
2010-09-24 08:48:56 +00:00
|
|
|
mysql_tcp_connect(ulogd_t)
|
2010-08-26 13:41:21 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
|
|
optional_policy(`
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-24 07:17:22 +00:00
|
|
|
postgresql_stream_connect(ulogd_t)
|
2010-08-26 13:41:21 +00:00
|
|
|
postgresql_tcp_connect(ulogd_t)
|
|
|
|
|
')
|
