2005-06-01 19:17:13 +00:00
|
|
|
|
|
|
|
|
########################################
|
|
|
|
|
#
|
|
|
|
|
# Helper macros
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# shiftn(num,list...)
|
|
|
|
|
#
|
|
|
|
|
# shift the list num times
|
|
|
|
|
#
|
|
|
|
|
define(`shiftn',`ifelse($1,0,`shift($*)',`shiftn(decr($1),shift(shift($*)))')')
|
|
|
|
|
|
2005-09-12 15:17:39 +00:00
|
|
|
########################################
|
|
|
|
|
#
|
|
|
|
|
# gen_user(username, role_set, mls_defaultlevel, mls_range)
|
|
|
|
|
#
|
|
|
|
|
define(`gen_user',`
|
|
|
|
|
user $1 roles { $2 } ifdef(`enable_mls', `level $3 range $4');
|
|
|
|
|
')
|
|
|
|
|
|
2005-06-01 19:17:13 +00:00
|
|
|
########################################
|
|
|
|
|
#
|
2005-09-16 13:36:26 +00:00
|
|
|
# gen_con(context,mls_sensitivity,[mcs_categories])
|
2005-06-01 19:17:13 +00:00
|
|
|
#
|
2005-09-16 13:36:26 +00:00
|
|
|
# MLS: Optionally put the sensitivity for the file
|
|
|
|
|
# MCS: Optionally put the categories of the file
|
2005-06-01 19:17:13 +00:00
|
|
|
#
|
2005-09-16 13:36:26 +00:00
|
|
|
define(`context_template',`$1`'ifdef(`enable_mls',`:$2')`'ifdef(`enable_mcs',`:s0`'ifelse(`$3',,,`:$3')')') dnl
|
2005-06-09 23:06:07 +00:00
|
|
|
|
2005-06-21 17:01:45 +00:00
|
|
|
########################################
|
|
|
|
|
#
|
|
|
|
|
# can_exec(domain,executable)
|
|
|
|
|
#
|
2005-06-16 20:30:07 +00:00
|
|
|
define(`can_exec',`
|
|
|
|
|
gen_require(`
|
|
|
|
|
class file { rx_file_perms execute_no_trans };
|
|
|
|
|
')
|
|
|
|
|
|
|
|
|
|
allow $1 $2:file { rx_file_perms execute_no_trans };
|
|
|
|
|
')
|
2005-06-21 17:01:45 +00:00
|
|
|
|
|
|
|
|
########################################
|
|
|
|
|
#
|
|
|
|
|
# gen_bool(name,default_value)
|
|
|
|
|
#
|
|
|
|
|
define(`gen_bool',`
|
|
|
|
|
bool $1 dflt_or_overr(`$1'_conf,$2);
|
|
|
|
|
')
|
