2010-05-21 19:59:16 +00:00
|
|
|
## <summary>RHCS - Red Hat Cluster Suite</summary>
|
2010-05-06 17:13:41 +00:00
|
|
|
|
|
|
|
#######################################
|
|
|
|
## <summary>
|
|
|
|
## Creates types and rules for a basic
|
|
|
|
## rhcs init daemon domain.
|
|
|
|
## </summary>
|
|
|
|
## <param name="prefix">
|
|
|
|
## <summary>
|
|
|
|
## Prefix for the domain.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
|
|
|
template(`rhcs_domain_template',`
|
|
|
|
gen_require(`
|
2010-09-20 17:44:58 +00:00
|
|
|
attribute cluster_domain, cluster_tmpfs, cluster_pid;
|
2010-05-06 17:13:41 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
##############################
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
# Declarations
|
2010-05-06 17:13:41 +00:00
|
|
|
#
|
|
|
|
|
|
|
|
type $1_t, cluster_domain;
|
|
|
|
type $1_exec_t;
|
|
|
|
init_daemon_domain($1_t, $1_exec_t)
|
|
|
|
|
2010-08-26 13:41:21 +00:00
|
|
|
type $1_tmpfs_t, cluster_tmpfs;
|
2010-05-06 17:13:41 +00:00
|
|
|
files_tmpfs_file($1_tmpfs_t)
|
|
|
|
|
|
|
|
type $1_var_log_t;
|
|
|
|
logging_log_file($1_var_log_t)
|
|
|
|
|
2010-08-26 13:41:21 +00:00
|
|
|
type $1_var_run_t, cluster_pid;
|
2010-05-06 17:13:41 +00:00
|
|
|
files_pid_file($1_var_run_t)
|
|
|
|
|
|
|
|
##############################
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
# Local policy
|
2010-05-06 17:13:41 +00:00
|
|
|
#
|
|
|
|
|
|
|
|
manage_dirs_pattern($1_t, $1_tmpfs_t, $1_tmpfs_t)
|
|
|
|
manage_files_pattern($1_t, $1_tmpfs_t, $1_tmpfs_t)
|
|
|
|
fs_tmpfs_filetrans($1_t, $1_tmpfs_t, { dir file })
|
|
|
|
|
|
|
|
manage_files_pattern($1_t, $1_var_log_t, $1_var_log_t)
|
|
|
|
manage_sock_files_pattern($1_t, $1_var_log_t, $1_var_log_t)
|
|
|
|
logging_log_filetrans($1_t, $1_var_log_t, { file sock_file })
|
|
|
|
|
|
|
|
manage_files_pattern($1_t, $1_var_run_t, $1_var_run_t)
|
|
|
|
manage_fifo_files_pattern($1_t, $1_var_run_t, $1_var_run_t)
|
|
|
|
manage_sock_files_pattern($1_t, $1_var_run_t, $1_var_run_t)
|
|
|
|
files_pid_filetrans($1_t, $1_var_run_t, { file fifo_file })
|
|
|
|
')
|
|
|
|
|
|
|
|
######################################
|
|
|
|
## <summary>
|
|
|
|
## Execute a domain transition to run dlm_controld.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 17:40:18 +00:00
|
|
|
## <summary>
|
2010-05-06 17:13:41 +00:00
|
|
|
## Domain allowed to transition.
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 17:40:18 +00:00
|
|
|
## </summary>
|
2010-05-06 17:13:41 +00:00
|
|
|
## </param>
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
interface(`rhcs_domtrans_dlm_controld',`
|
2010-05-06 17:13:41 +00:00
|
|
|
gen_require(`
|
|
|
|
type dlm_controld_t, dlm_controld_exec_t;
|
|
|
|
')
|
|
|
|
|
|
|
|
corecmd_search_bin($1)
|
|
|
|
domtrans_pattern($1, dlm_controld_exec_t, dlm_controld_t)
|
|
|
|
')
|
|
|
|
|
|
|
|
#####################################
|
|
|
|
## <summary>
|
|
|
|
## Connect to dlm_controld over a unix domain
|
|
|
|
## stream socket.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
interface(`rhcs_stream_connect_dlm_controld',`
|
2010-05-06 17:13:41 +00:00
|
|
|
gen_require(`
|
|
|
|
type dlm_controld_t, dlm_controld_var_run_t;
|
|
|
|
')
|
|
|
|
|
|
|
|
files_search_pids($1)
|
|
|
|
stream_connect_pattern($1, dlm_controld_var_run_t, dlm_controld_var_run_t, dlm_controld_t)
|
|
|
|
')
|
|
|
|
|
|
|
|
#####################################
|
|
|
|
## <summary>
|
|
|
|
## Allow read and write access to dlm_controld semaphores.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
interface(`rhcs_rw_dlm_controld_semaphores',`
|
2010-05-06 17:13:41 +00:00
|
|
|
gen_require(`
|
2010-05-21 19:59:16 +00:00
|
|
|
type dlm_controld_t, dlm_controld_tmpfs_t;
|
2010-05-06 17:13:41 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
allow $1 dlm_controld_t:sem { rw_sem_perms destroy };
|
|
|
|
|
|
|
|
fs_search_tmpfs($1)
|
|
|
|
manage_files_pattern($1, dlm_controld_tmpfs_t, dlm_controld_tmpfs_t)
|
|
|
|
')
|
|
|
|
|
|
|
|
######################################
|
|
|
|
## <summary>
|
|
|
|
## Execute a domain transition to run fenced.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
2010-08-05 13:03:19 +00:00
|
|
|
## Domain allowed to transition.
|
2010-05-06 17:13:41 +00:00
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
interface(`rhcs_domtrans_fenced',`
|
2010-05-06 17:13:41 +00:00
|
|
|
gen_require(`
|
|
|
|
type fenced_t, fenced_exec_t;
|
|
|
|
')
|
|
|
|
|
|
|
|
corecmd_search_bin($1)
|
|
|
|
domtrans_pattern($1, fenced_exec_t, fenced_t)
|
|
|
|
')
|
|
|
|
|
|
|
|
######################################
|
|
|
|
## <summary>
|
|
|
|
## Allow read and write access to fenced semaphores.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
interface(`rhcs_rw_fenced_semaphores',`
|
2010-05-06 17:13:41 +00:00
|
|
|
gen_require(`
|
2010-05-21 19:59:16 +00:00
|
|
|
type fenced_t, fenced_tmpfs_t;
|
2010-05-06 17:13:41 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
allow $1 fenced_t:sem { rw_sem_perms destroy };
|
2010-05-21 19:59:16 +00:00
|
|
|
|
|
|
|
fs_search_tmpfs($1)
|
|
|
|
manage_files_pattern($1, fenced_tmpfs_t, fenced_tmpfs_t)
|
2010-05-06 17:13:41 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
######################################
|
|
|
|
## <summary>
|
|
|
|
## Connect to fenced over an unix domain stream socket.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
interface(`rhcs_stream_connect_fenced',`
|
2010-05-06 17:13:41 +00:00
|
|
|
gen_require(`
|
|
|
|
type fenced_var_run_t, fenced_t;
|
|
|
|
')
|
|
|
|
|
|
|
|
files_search_pids($1)
|
2010-09-21 09:47:34 +00:00
|
|
|
stream_connect_pattern($1, fenced_var_run_t, fenced_var_run_t, fenced_t)
|
2010-05-06 17:13:41 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
#####################################
|
|
|
|
## <summary>
|
|
|
|
## Execute a domain transition to run gfs_controld.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
2010-08-05 13:03:19 +00:00
|
|
|
## Domain allowed to transition.
|
2010-05-06 17:13:41 +00:00
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
interface(`rhcs_domtrans_gfs_controld',`
|
2010-05-06 17:13:41 +00:00
|
|
|
gen_require(`
|
|
|
|
type gfs_controld_t, gfs_controld_exec_t;
|
|
|
|
')
|
|
|
|
|
|
|
|
corecmd_search_bin($1)
|
|
|
|
domtrans_pattern($1, gfs_controld_exec_t, gfs_controld_t)
|
|
|
|
')
|
|
|
|
|
|
|
|
####################################
|
|
|
|
## <summary>
|
|
|
|
## Allow read and write access to gfs_controld semaphores.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
interface(`rhcs_rw_gfs_controld_semaphores',`
|
2010-05-06 17:13:41 +00:00
|
|
|
gen_require(`
|
2010-05-21 19:59:16 +00:00
|
|
|
type gfs_controld_t, gfs_controld_tmpfs_t;
|
2010-05-06 17:13:41 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
allow $1 gfs_controld_t:sem { rw_sem_perms destroy };
|
2010-05-21 19:59:16 +00:00
|
|
|
|
|
|
|
fs_search_tmpfs($1)
|
|
|
|
manage_files_pattern($1, gfs_controld_tmpfs_t, gfs_controld_tmpfs_t)
|
2010-05-06 17:13:41 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
########################################
|
|
|
|
## <summary>
|
|
|
|
## Read and write to gfs_controld_t shared memory.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
interface(`rhcs_rw_gfs_controld_shm',`
|
2010-05-06 17:13:41 +00:00
|
|
|
gen_require(`
|
2010-05-21 20:40:12 +00:00
|
|
|
type gfs_controld_t, gfs_controld_tmpfs_t;
|
2010-05-06 17:13:41 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
allow $1 gfs_controld_t:shm { rw_shm_perms destroy };
|
2010-05-21 19:59:16 +00:00
|
|
|
|
|
|
|
fs_search_tmpfs($1)
|
|
|
|
manage_files_pattern($1, gfs_controld_tmpfs_t, gfs_controld_tmpfs_t)
|
2010-05-06 17:13:41 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
#####################################
|
|
|
|
## <summary>
|
|
|
|
## Connect to gfs_controld_t over an unix domain stream socket.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
interface(`rhcs_stream_connect_gfs_controld',`
|
2010-05-06 17:13:41 +00:00
|
|
|
gen_require(`
|
|
|
|
type gfs_controld_t, gfs_controld_var_run_t;
|
|
|
|
')
|
|
|
|
|
|
|
|
files_search_pids($1)
|
|
|
|
stream_connect_pattern($1, gfs_controld_var_run_t, gfs_controld_var_run_t, gfs_controld_t)
|
|
|
|
')
|
|
|
|
|
|
|
|
######################################
|
|
|
|
## <summary>
|
|
|
|
## Execute a domain transition to run groupd.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
2010-08-05 13:03:19 +00:00
|
|
|
## Domain allowed to transition.
|
2010-05-06 17:13:41 +00:00
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
interface(`rhcs_domtrans_groupd',`
|
2010-05-06 17:13:41 +00:00
|
|
|
gen_require(`
|
|
|
|
type groupd_t, groupd_exec_t;
|
|
|
|
')
|
|
|
|
|
|
|
|
corecmd_search_bin($1)
|
|
|
|
domtrans_pattern($1, groupd_exec_t, groupd_t)
|
|
|
|
')
|
|
|
|
|
|
|
|
#####################################
|
|
|
|
## <summary>
|
|
|
|
## Connect to groupd over a unix domain
|
|
|
|
## stream socket.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
interface(`rhcs_stream_connect_groupd',`
|
2010-05-06 17:13:41 +00:00
|
|
|
gen_require(`
|
|
|
|
type groupd_t, groupd_var_run_t;
|
|
|
|
')
|
|
|
|
|
|
|
|
files_search_pids($1)
|
|
|
|
stream_connect_pattern($1, groupd_var_run_t, groupd_var_run_t, groupd_t)
|
|
|
|
')
|
|
|
|
|
|
|
|
#####################################
|
|
|
|
## <summary>
|
|
|
|
## Allow read and write access to groupd semaphores.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
interface(`rhcs_rw_groupd_semaphores',`
|
2010-05-06 17:13:41 +00:00
|
|
|
gen_require(`
|
2010-05-21 19:59:16 +00:00
|
|
|
type groupd_t, groupd_tmpfs_t;
|
2010-05-06 17:13:41 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
allow $1 groupd_t:sem { rw_sem_perms destroy };
|
2010-05-21 19:59:16 +00:00
|
|
|
|
|
|
|
fs_search_tmpfs($1)
|
|
|
|
manage_files_pattern($1, groupd_tmpfs_t, groupd_tmpfs_t)
|
2010-05-06 17:13:41 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
########################################
|
|
|
|
## <summary>
|
|
|
|
## Read and write to group shared memory.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
interface(`rhcs_rw_groupd_shm',`
|
2010-05-06 17:13:41 +00:00
|
|
|
gen_require(`
|
2010-05-21 19:59:16 +00:00
|
|
|
type groupd_t, groupd_tmpfs_t;
|
2010-05-06 17:13:41 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
allow $1 groupd_t:shm { rw_shm_perms destroy };
|
|
|
|
|
|
|
|
fs_search_tmpfs($1)
|
|
|
|
manage_files_pattern($1, groupd_tmpfs_t, groupd_tmpfs_t)
|
|
|
|
')
|
|
|
|
|
2010-08-26 13:41:21 +00:00
|
|
|
########################################
|
|
|
|
## <summary>
|
|
|
|
## Read and write to group shared memory.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
|
|
|
interface(`rhcs_rw_cluster_shm',`
|
|
|
|
gen_require(`
|
2010-09-20 17:44:58 +00:00
|
|
|
attribute cluster_domain, cluster_tmpfs;
|
2010-08-26 13:41:21 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
allow $1 cluster_domain:shm { rw_shm_perms destroy };
|
|
|
|
|
|
|
|
fs_search_tmpfs($1)
|
|
|
|
manage_files_pattern($1, cluster_tmpfs, cluster_tmpfs)
|
|
|
|
')
|
|
|
|
|
|
|
|
####################################
|
|
|
|
## <summary>
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 17:40:18 +00:00
|
|
|
## Read and write access to cluster domains semaphores.
|
2010-08-26 13:41:21 +00:00
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 17:40:18 +00:00
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
2010-08-26 13:41:21 +00:00
|
|
|
## </param>
|
|
|
|
#
|
|
|
|
interface(`rhcs_rw_cluster_semaphores',`
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 17:40:18 +00:00
|
|
|
gen_require(`
|
2010-08-30 21:32:41 +00:00
|
|
|
attribute cluster_domain;
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 17:40:18 +00:00
|
|
|
')
|
2010-08-26 13:41:21 +00:00
|
|
|
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 17:40:18 +00:00
|
|
|
allow $1 cluster_domain:sem { rw_sem_perms destroy };
|
2010-08-26 13:41:21 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
####################################
|
|
|
|
## <summary>
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 17:40:18 +00:00
|
|
|
## Connect to cluster domains over a unix domain
|
|
|
|
## stream socket.
|
2010-08-26 13:41:21 +00:00
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 17:40:18 +00:00
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
2010-08-26 13:41:21 +00:00
|
|
|
## </param>
|
|
|
|
#
|
|
|
|
interface(`rhcs_stream_connect_cluster',`
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 17:40:18 +00:00
|
|
|
gen_require(`
|
|
|
|
attribute cluster_domain, cluster_pid;
|
|
|
|
')
|
2010-08-26 13:41:21 +00:00
|
|
|
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 17:40:18 +00:00
|
|
|
files_search_pids($1)
|
|
|
|
stream_connect_pattern($1, cluster_pid, cluster_pid, cluster_domain)
|
2010-08-26 13:41:21 +00:00
|
|
|
')
|
|
|
|
|
2010-05-06 17:13:41 +00:00
|
|
|
######################################
|
|
|
|
## <summary>
|
|
|
|
## Execute a domain transition to run qdiskd.
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
2010-08-05 13:03:19 +00:00
|
|
|
## Domain allowed to transition.
|
2010-05-06 17:13:41 +00:00
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
2010-05-21 19:59:16 +00:00
|
|
|
interface(`rhcs_domtrans_qdiskd',`
|
2010-05-06 17:13:41 +00:00
|
|
|
gen_require(`
|
|
|
|
type qdiskd_t, qdiskd_exec_t;
|
|
|
|
')
|
|
|
|
|
|
|
|
corecmd_search_bin($1)
|
|
|
|
domtrans_pattern($1, qdiskd_exec_t, qdiskd_t)
|
|
|
|
')
|
2010-08-26 13:41:21 +00:00
|
|
|
|
|
|
|
########################################
|
|
|
|
## <summary>
|
|
|
|
## Allow domain to read qdiskd tmpfs files
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
#
|
|
|
|
interface(`rhcs_read_qdiskd_tmpfs_files',`
|
|
|
|
gen_require(`
|
|
|
|
type qdiskd_tmpfs_t;
|
|
|
|
')
|
|
|
|
|
2010-09-20 17:48:08 +00:00
|
|
|
fs_search_tmpfs($1)
|
2010-08-26 13:41:21 +00:00
|
|
|
allow $1 qdiskd_tmpfs_t:file read_file_perms;
|
|
|
|
')
|
2010-09-16 11:44:53 +00:00
|
|
|
|
|
|
|
######################################
|
|
|
|
## <summary>
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 17:40:18 +00:00
|
|
|
## Allow domain to read cluster lib files
|
2010-09-16 11:44:53 +00:00
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 17:40:18 +00:00
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
2010-09-16 11:44:53 +00:00
|
|
|
## </param>
|
|
|
|
#
|
|
|
|
interface(`rhcs_read_cluster_lib_files',`
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 17:40:18 +00:00
|
|
|
gen_require(`
|
|
|
|
type cluster_var_lib_t;
|
|
|
|
')
|
2010-09-16 11:44:53 +00:00
|
|
|
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 17:40:18 +00:00
|
|
|
files_search_var_lib($1)
|
|
|
|
read_files_pattern($1, cluster_var_lib_t, cluster_var_lib_t)
|
2010-09-16 11:44:53 +00:00
|
|
|
')
|