selinux-policy/policy/modules/kernel/storage.fc

77 lines
4.8 KiB
Plaintext
Raw Normal View History

2005-05-10 15:31:48 +00:00
/dev/n?(raw)?[qr]ft[0-3] -c gen_context(system_u:object_r:tape_device_t,s0)
/dev/n?[hs]t[0-9].* -c gen_context(system_u:object_r:tape_device_t,s0)
/dev/n?z?qft[0-3] -c gen_context(system_u:object_r:tape_device_t,s0)
/dev/n?osst[0-3].* -c gen_context(system_u:object_r:tape_device_t,s0)
/dev/n?pt[0-9]+ -c gen_context(system_u:object_r:tape_device_t,s0)
/dev/n?tpqic[12].* -c gen_context(system_u:object_r:tape_device_t,s0)
/dev/[shmx]d[^/]* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/aztcd -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/bpcd -b gen_context(system_u:object_r:removable_device_t,s0)
2007-10-29 18:35:32 +00:00
/dev/bsg/.+ -c gen_context(system_u:object_r:scsi_generic_device_t,s0)
/dev/cdu.* -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/cm20.* -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/dasd[^/]* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/dm-[0-9]+ -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/drbd[^/]* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/fd[^/]+ -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/flash[^/]* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/gscd -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/hitcd -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/ht[0-1] -b gen_context(system_u:object_r:tape_device_t,s0)
/dev/initrd -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/jsfd -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/jsflash -c gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/loop.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/lvm -c gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/mcdx? -b gen_context(system_u:object_r:removable_device_t,s0)
2007-08-07 17:06:32 +00:00
/dev/megadev.* -c gen_context(system_u:object_r:removable_device_t,s0)
/dev/mmcblk.* -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/mspblk.* -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/nb[^/]+ -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/optcd -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/p[fg][0-3] -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/pcd[0-3] -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/pd[a-d][^/]* -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/pg[0-3] -c gen_context(system_u:object_r:removable_device_t,s0)
2007-10-29 22:08:34 +00:00
/dev/ps3d.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/ram.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
2009-03-05 15:49:41 +00:00
/dev/(raw/)?rawctl -c gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/rd.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
2005-05-10 15:31:48 +00:00
ifdef(`distro_redhat', `
/dev/root -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
2005-05-10 15:31:48 +00:00
')
/dev/s(cd|r)[^/]* -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/sbpcd.* -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/sg[0-9]+ -c gen_context(system_u:object_r:scsi_generic_device_t,s0)
/dev/sjcd -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/sonycd -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/tape.* -c gen_context(system_u:object_r:tape_device_t,s0)
/dev/tw[a-z][^/]+ -c gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/ub[a-z][^/]+ -b gen_context(system_u:object_r:removable_device_t,mls_systemhigh)
/dev/ubd[^/]* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/vd[^/]* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/xvd[^/]* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
2005-05-10 15:31:48 +00:00
/dev/ataraid/.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
2005-05-10 15:31:48 +00:00
2007-06-11 15:43:37 +00:00
/dev/cciss/[^/]* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
2005-05-10 15:31:48 +00:00
/dev/fuse -c gen_context(system_u:object_r:fuse_device_t,s0)
2006-02-01 16:34:54 +00:00
/dev/floppy/[^/]* -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/i2o/hd[^/]* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
2006-01-06 22:51:40 +00:00
/dev/ida/[^/]* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
2005-05-10 15:31:48 +00:00
/dev/md/.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/mapper/.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
2009-03-05 15:49:41 +00:00
/dev/device-mapper -c gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/raw/raw[0-9]+ -c gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
2005-05-10 15:31:48 +00:00
/dev/scramdisk/.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
2005-05-10 15:31:48 +00:00
/dev/usb/rio500 -c gen_context(system_u:object_r:removable_device_t,s0)