2005-05-10 19:51:00 +00:00
|
|
|
|
|
|
|
#
|
|
|
|
# /bin
|
|
|
|
#
|
2005-11-03 18:08:36 +00:00
|
|
|
/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/bin/d?ash -- gen_context(system_u:object_r:shell_exec_t,s0)
|
|
|
|
/bin/bash -- gen_context(system_u:object_r:shell_exec_t,s0)
|
|
|
|
/bin/bash2 -- gen_context(system_u:object_r:shell_exec_t,s0)
|
2005-11-18 16:12:30 +00:00
|
|
|
/bin/ksh.* -- gen_context(system_u:object_r:shell_exec_t,s0)
|
2005-11-03 18:08:36 +00:00
|
|
|
/bin/ls -- gen_context(system_u:object_r:ls_exec_t,s0)
|
|
|
|
/bin/sash -- gen_context(system_u:object_r:shell_exec_t,s0)
|
|
|
|
/bin/tcsh -- gen_context(system_u:object_r:shell_exec_t,s0)
|
|
|
|
/bin/zsh.* -- gen_context(system_u:object_r:shell_exec_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
|
|
|
|
#
|
|
|
|
# /dev
|
|
|
|
#
|
2005-11-03 18:08:36 +00:00
|
|
|
/dev/MAKEDEV -- gen_context(system_u:object_r:sbin_t,s0)
|
|
|
|
|
|
|
|
#
|
|
|
|
# /emul
|
|
|
|
#
|
|
|
|
ifdef(`distro_redhat',`
|
|
|
|
/emul/ia32-linux/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/emul/ia32-linux/sbin(/.*)? gen_context(system_u:object_r:sbin_t,s0)
|
|
|
|
/emul/ia32-linux/usr(/.*)?/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/emul/ia32-linux/usr(/.*)?/Bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/emul/ia32-linux/usr(/.*)?/sbin(/.*)? gen_context(system_u:object_r:sbin_t,s0)
|
|
|
|
/emul/ia32-linux/usr/libexec(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
')
|
2005-05-10 19:51:00 +00:00
|
|
|
|
|
|
|
#
|
|
|
|
# /etc
|
|
|
|
#
|
2006-03-23 19:19:38 +00:00
|
|
|
|
2006-03-24 19:22:19 +00:00
|
|
|
/etc/cipe/ip-up.* -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/etc/cipe/ip-down.* -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
|
2005-11-03 18:08:36 +00:00
|
|
|
/etc/hotplug/.*agent -- gen_context(system_u:object_r:sbin_t,s0)
|
|
|
|
/etc/hotplug/.*rc -- gen_context(system_u:object_r:sbin_t,s0)
|
|
|
|
/etc/hotplug/hotplug\.functions -- gen_context(system_u:object_r:sbin_t,s0)
|
|
|
|
/etc/hotplug\.d/default/default.* gen_context(system_u:object_r:sbin_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
|
2006-03-23 19:19:38 +00:00
|
|
|
/etc/init\.d/functions -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
|
2005-11-03 18:08:36 +00:00
|
|
|
/etc/netplug\.d(/.*)? gen_context(system_u:object_r:sbin_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
|
2005-11-03 18:08:36 +00:00
|
|
|
/etc/ppp/ip-down\..* -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/etc/ppp/ip-up\..* -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/etc/ppp/ipv6-up\..* -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/etc/ppp/ipv6-down\..* -- gen_context(system_u:object_r:bin_t,s0)
|
2005-10-14 20:00:07 +00:00
|
|
|
|
2006-03-23 19:19:38 +00:00
|
|
|
/etc/rc\.d/init\.d/functions -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
|
2005-11-10 16:53:50 +00:00
|
|
|
/etc/sysconfig/network-scripts/ifup-.* -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/etc/sysconfig/network-scripts/ifdown-.* -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
|
2005-11-11 14:12:23 +00:00
|
|
|
/etc/X11/xdm/GiveConsole -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/etc/X11/xdm/TakeConsole -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/etc/X11/xdm/Xsetup_0 -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/etc/X11/xinit(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
|
2006-03-23 19:19:38 +00:00
|
|
|
/etc/xen/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
|
2005-08-03 17:56:26 +00:00
|
|
|
ifdef(`distro_debian',`
|
2005-11-03 18:08:36 +00:00
|
|
|
/etc/mysql/debian-start -- gen_context(system_u:object_r:bin_t,s0)
|
2005-08-03 17:56:26 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
ifdef(`targeted_policy',`
|
2005-11-03 18:08:36 +00:00
|
|
|
/etc/X11/prefdm -- gen_context(system_u:object_r:bin_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
')
|
|
|
|
|
2005-11-11 14:12:23 +00:00
|
|
|
#
|
|
|
|
# /lib
|
|
|
|
#
|
|
|
|
|
2006-01-06 22:51:40 +00:00
|
|
|
/lib/udev/[^/]* -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
|
2005-11-11 14:12:23 +00:00
|
|
|
ifdef(`distro_gentoo',`
|
2006-03-21 15:38:15 +00:00
|
|
|
/lib/rcscripts/addons(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
2005-11-11 14:12:23 +00:00
|
|
|
/lib/rcscripts/sh(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
2006-03-21 15:38:15 +00:00
|
|
|
/lib/rcscripts/net.modules.d/helpers.d/dhclient-.* -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/lib/rcscripts/net.modules.d/helpers.d/udhcpc-.* -- gen_context(system_u:object_r:bin_t,s0)
|
2005-11-11 14:12:23 +00:00
|
|
|
')
|
2005-10-21 17:55:15 +00:00
|
|
|
|
2005-05-10 19:51:00 +00:00
|
|
|
#
|
|
|
|
# /sbin
|
|
|
|
#
|
2005-11-03 18:08:36 +00:00
|
|
|
/sbin(/.*)? gen_context(system_u:object_r:sbin_t,s0)
|
|
|
|
/sbin/mkfs\.cramfs -- gen_context(system_u:object_r:sbin_t,s0)
|
|
|
|
/sbin/insmod_ksymoops_clean -- gen_context(system_u:object_r:sbin_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
|
|
|
|
#
|
|
|
|
# /opt
|
|
|
|
#
|
2005-11-03 18:08:36 +00:00
|
|
|
/opt(/.*)?/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
|
2005-11-03 18:08:36 +00:00
|
|
|
/opt(/.*)?/libexec(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
|
2005-11-03 18:08:36 +00:00
|
|
|
/opt(/.*)?/sbin(/.*)? gen_context(system_u:object_r:sbin_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
|
|
|
|
#
|
|
|
|
# /usr
|
|
|
|
#
|
2005-11-03 18:08:36 +00:00
|
|
|
/usr(/.*)?/Bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
|
2005-11-03 18:08:36 +00:00
|
|
|
/usr(/.*)?/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
|
2005-11-03 18:08:36 +00:00
|
|
|
/usr(/.*)?/sbin(/.*)? gen_context(system_u:object_r:sbin_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
|
2005-11-09 18:29:03 +00:00
|
|
|
/usr/lib/ccache/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
2005-11-03 18:08:36 +00:00
|
|
|
/usr/lib/pgsql/test/regress/.*\.sh -- gen_context(system_u:object_r:bin_t,s0)
|
2005-11-09 18:29:03 +00:00
|
|
|
/usr/lib/qt.*/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
# these two lines are separate because of a
|
|
|
|
# sorting issue with the java module
|
2005-11-21 22:15:11 +00:00
|
|
|
/usr/lib/jvm/java.*/bin -d gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/lib/jvm/java.*/bin/.* gen_context(system_u:object_r:bin_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
|
2006-03-13 19:24:52 +00:00
|
|
|
/usr/lib(64)?/[^/]*firefox[^/]*/firefox -- gen_context(system_u:object_r:bin_t,s0)
|
2006-03-08 18:43:05 +00:00
|
|
|
/usr/lib(64)?/apt/methods.+ -- gen_context(system_u:object_r:bin_t,s0)
|
2006-04-10 21:04:51 +00:00
|
|
|
/usr/lib(64)?/courier(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
2005-11-03 18:08:36 +00:00
|
|
|
/usr/lib(64)?/cups/cgi-bin/.* -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/lib(64)?/cups/filter/.* -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/lib(64)?/cyrus-imapd/.* -- gen_context(system_u:object_r:bin_t,s0)
|
2006-03-08 18:43:05 +00:00
|
|
|
/usr/lib(64)?/dpkg/.+ -- gen_context(system_u:object_r:bin_t,s0)
|
2005-11-03 18:08:36 +00:00
|
|
|
/usr/lib(64)?/emacsen-common/.* gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/lib(64)?/ipsec/.* -- gen_context(system_u:object_r:sbin_t,s0)
|
2005-11-11 19:03:44 +00:00
|
|
|
/usr/lib(64)?/mailman/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
2005-11-03 18:08:36 +00:00
|
|
|
/usr/lib(64)?/misc/sftp-server -- gen_context(system_u:object_r:bin_t,s0)
|
2006-04-06 15:03:23 +00:00
|
|
|
/usr/lib(64)?/nagios/plugins(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/lib(64)?/netsaint/plugins(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
2005-11-11 21:00:00 +00:00
|
|
|
/usr/lib(64)?/news/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
2006-01-18 14:57:29 +00:00
|
|
|
/usr/lib(64)?/portage/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
2006-03-13 19:24:52 +00:00
|
|
|
/usr/lib(64)?/sftp-server -- gen_context(system_u:object_r:bin_t,s0)
|
2005-07-06 15:59:54 +00:00
|
|
|
|
2006-01-18 14:57:29 +00:00
|
|
|
/usr/lib(64)?/debug/bin(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
|
2005-11-11 19:40:31 +00:00
|
|
|
/usr/lib(64)?/debug/sbin(/.*)? -- gen_context(system_u:object_r:sbin_t,s0)
|
|
|
|
/usr/lib(64)?/debug/usr/bin(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/lib(64)?/debug/usr/sbin(/.*)? -- gen_context(system_u:object_r:sbin_t,s0)
|
|
|
|
|
2005-10-06 19:33:06 +00:00
|
|
|
/usr/lib(64)?/[^/]*thunderbird[^/]*/thunderbird -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/lib(64)?/[^/]*thunderbird[^/]*/thunderbird-bin -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/lib(64)?/[^/]*thunderbird[^/]*/open-browser\.sh -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/lib(64)?/[^/]*/run-mozilla\.sh -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/lib(64)?/[^/]*/mozilla-xremote-client -- gen_context(system_u:object_r:bin_t,s0)
|
2005-11-18 16:12:30 +00:00
|
|
|
/usr/lib(64)?/thunderbird.*/mozilla-xremote-client -- gen_context(system_u:object_r:bin_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
|
2006-03-23 19:19:38 +00:00
|
|
|
/usr/lib(64)?/xen/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
|
2005-11-03 18:08:36 +00:00
|
|
|
/usr/libexec(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/libexec/openssh/sftp-server -- gen_context(system_u:object_r:bin_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
|
2005-11-03 18:08:36 +00:00
|
|
|
/usr/local/lib(64)?/ipsec/.* -- gen_context(system_u:object_r:sbin_t,s0)
|
2005-07-14 18:15:47 +00:00
|
|
|
|
2005-11-03 18:08:36 +00:00
|
|
|
/usr/sbin/sesh -- gen_context(system_u:object_r:shell_exec_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
|
2006-03-08 18:43:05 +00:00
|
|
|
/usr/share/debconf/.+ -- gen_context(system_u:object_r:bin_t,s0)
|
2005-10-06 19:33:06 +00:00
|
|
|
/usr/share/gnucash/finance-quote-check -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/gnucash/finance-quote-helper -- gen_context(system_u:object_r:bin_t,s0)
|
2006-01-11 15:28:14 +00:00
|
|
|
/usr/share/hal/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
2005-11-03 18:08:36 +00:00
|
|
|
/usr/share/mc/extfs/.* -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/printconf/util/print\.py -- gen_context(system_u:object_r:bin_t,s0)
|
2006-02-27 16:23:39 +00:00
|
|
|
/usr/share/selinux/devel/policygentool -- gen_context(system_u:object_r:bin_t,s0)
|
2005-11-03 18:08:36 +00:00
|
|
|
/usr/share/turboprint/lib(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
|
2006-01-19 21:04:33 +00:00
|
|
|
/usr/X11R6/lib(64)?/X11/xkb/xkbcomp -- gen_context(system_u:object_r:bin_t,s0)
|
2005-11-09 18:29:03 +00:00
|
|
|
|
2005-11-03 18:08:36 +00:00
|
|
|
ifdef(`distro_gentoo', `
|
|
|
|
/usr/.*-.*-linux-gnu/gcc-bin/.*(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
2006-04-05 15:32:38 +00:00
|
|
|
/usr/.*-.*-linux-gnu/binutils-bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
2005-11-03 18:08:36 +00:00
|
|
|
')
|
|
|
|
|
|
|
|
ifdef(`distro_redhat', `
|
|
|
|
/usr/lib/.*/program(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/authconfig/authconfig-gtk\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/cvs/contrib/rcs2log -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/hwbrowser/hwbrowser -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/pwlib/make/ptlib-config -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/pydict/pydict\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/rhn/rhn_applet/applet\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/rhn/rhn_applet/needed-packages\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/ssl/misc(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/switchdesk/switchdesk-gui\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-date/system-config-date\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-display/system-config-display -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-httpd/system-config-httpd -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-keyboard/system-config-keyboard -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-language/system-config-language -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-lvm/system-config-lvm.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-mouse/system-config-mouse -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-netboot/system-config-netboot\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-netboot/pxeos\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-netboot/pxeboot\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-network(/netconfig)?/[^/]+\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-network/neat-control\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-nfs/nfs-export\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-nfs/system-config-nfs\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-rootpassword/system-config-rootpassword -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-samba/system-config-samba\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-securitylevel/system-config-securitylevel\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-services/serviceconf\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-services/system-config-services -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-soundcard/system-config-soundcard -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-config-users/system-config-users -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/system-logviewer/system-logviewer\.py -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/texmf/web2c/mktexdir -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/texmf/web2c/mktexnam -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/texmf/web2c/mktexupd -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
')
|
|
|
|
|
|
|
|
ifdef(`distro_suse', `
|
|
|
|
/usr/lib/cron/run-crons -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/lib/samba/classic/.* -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/lib(64)?/ssh/.* -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/usr/share/apache2/[^/]* -- gen_context(system_u:object_r:bin_t,s0)
|
2005-09-29 20:59:00 +00:00
|
|
|
')
|
|
|
|
|
2005-05-10 19:51:00 +00:00
|
|
|
#
|
|
|
|
# /var
|
|
|
|
#
|
2005-11-03 18:08:36 +00:00
|
|
|
/var/mailman/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
2005-05-10 19:51:00 +00:00
|
|
|
|
2005-11-03 18:08:36 +00:00
|
|
|
/var/ftp/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/var/ftp/bin/ls -- gen_context(system_u:object_r:ls_exec_t,s0)
|
2005-10-14 17:55:40 +00:00
|
|
|
|
2005-11-03 18:08:36 +00:00
|
|
|
/usr/lib/yp/.+ -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
|
2006-04-05 15:32:38 +00:00
|
|
|
/var/qmail/bin -d gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/var/qmail/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
/var/qmail/rc -- gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
|
2005-11-03 18:08:36 +00:00
|
|
|
ifdef(`distro_suse',`
|
|
|
|
/var/lib/samba/bin/.+ gen_context(system_u:object_r:bin_t,s0)
|
|
|
|
')
|