2009-06-30 15:03:20 +00:00
|
|
|
## <summary>Passive Asset Detection System</summary>
|
|
|
|
## <desc>
|
|
|
|
## <p>
|
|
|
|
## PADS is a libpcap based detection engine used to
|
|
|
|
## passively detect network assets. It is designed to
|
|
|
|
## complement IDS technology by providing context to IDS
|
|
|
|
## alerts.
|
|
|
|
## </p>
|
|
|
|
## </desc>
|
|
|
|
|
|
|
|
########################################
|
|
|
|
## <summary>
|
|
|
|
## All of the rules required to administrate
|
|
|
|
## an pads environment
|
|
|
|
## </summary>
|
|
|
|
## <param name="domain">
|
|
|
|
## <summary>
|
|
|
|
## Domain allowed access.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
## <param name="role">
|
|
|
|
## <summary>
|
|
|
|
## Role allowed access.
|
|
|
|
## </summary>
|
|
|
|
## </param>
|
|
|
|
## <rolecap/>
|
|
|
|
#
|
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
2010-09-20 09:48:51 +00:00
|
|
|
interface(`pads_admin',`
|
2009-06-30 15:03:20 +00:00
|
|
|
gen_require(`
|
2010-09-20 10:09:09 +00:00
|
|
|
type pads_t, pads_config_t, pads_initrc_exec_t;
|
|
|
|
type pads_var_run_t;
|
2009-06-30 15:03:20 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
allow $1 pads_t:process { ptrace signal_perms };
|
|
|
|
ps_process_pattern($1, pads_t)
|
|
|
|
|
|
|
|
init_labeled_script_domtrans($1, pads_initrc_exec_t)
|
|
|
|
domain_system_change_exemption($1)
|
|
|
|
role_transition $2 pads_initrc_exec_t system_r;
|
|
|
|
allow $2 system_r;
|
|
|
|
|
2010-09-20 13:36:05 +00:00
|
|
|
files_list_pids($1)
|
2009-06-30 15:03:20 +00:00
|
|
|
admin_pattern($1, pads_var_run_t)
|
2010-09-15 11:05:32 +00:00
|
|
|
|
2010-09-20 13:36:05 +00:00
|
|
|
files_list_etc($1)
|
2009-06-30 15:03:20 +00:00
|
|
|
admin_pattern($1, pads_config_t)
|
|
|
|
')
|