move all interfaces over to the interface macro. add traceback debugging info
This commit is contained in:
parent
cbc9d6951a
commit
199895e201
@ -238,9 +238,9 @@ tmp/generated_definitions.conf: $(ALL_LAYERS) $(ALL_TE_FILES)
|
|||||||
done
|
done
|
||||||
$(QUIET) $(SETTUN) $(TUNABLES) >> $@
|
$(QUIET) $(SETTUN) $(TUNABLES) >> $@
|
||||||
|
|
||||||
tmp/all_interfaces.conf: $(ALL_INTERFACES)
|
tmp/all_interfaces.conf: $(M4SUPPORT) $(ALL_INTERFACES)
|
||||||
@test -d tmp || mkdir -p tmp
|
@test -d tmp || mkdir -p tmp
|
||||||
$(QUIET) cat $^ > $@
|
$(QUIET) m4 $^ | sed -e s/dollarsstar/\$$\*/g > $@
|
||||||
|
|
||||||
tmp/all_te_files.conf: $(ALL_TE_FILES)
|
tmp/all_te_files.conf: $(ALL_TE_FILES)
|
||||||
@test -d tmp || mkdir -p tmp
|
@test -d tmp || mkdir -p tmp
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
#
|
#
|
||||||
# consoletype_domtrans(domain)
|
# consoletype_domtrans(domain)
|
||||||
#
|
#
|
||||||
define(`consoletype_domtrans',`
|
interface(`consoletype_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type consoletype_t, consoletype_exec_t;
|
type consoletype_t, consoletype_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -24,7 +24,7 @@ define(`consoletype_domtrans',`
|
|||||||
#
|
#
|
||||||
# consoletype_exec(domain)
|
# consoletype_exec(domain)
|
||||||
#
|
#
|
||||||
define(`consoletype_exec',`
|
interface(`consoletype_exec',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type consoletype_exec_t;
|
type consoletype_exec_t;
|
||||||
')
|
')
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dmesg_domtrans',`
|
interface(`dmesg_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type dmesg_t, dmesg_exec_t;
|
type dmesg_t, dmesg_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -38,7 +38,7 @@ define(`dmesg_domtrans',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dmesg_exec',`
|
interface(`dmesg_exec',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type dmesg_exec_t;
|
type dmesg_exec_t;
|
||||||
')
|
')
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
#
|
#
|
||||||
# netutils_domtrans(domain)
|
# netutils_domtrans(domain)
|
||||||
#
|
#
|
||||||
define(`netutils_domtrans',`
|
interface(`netutils_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type netutils_t, netutils_exec_t;
|
type netutils_t, netutils_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -23,7 +23,7 @@ define(`netutils_domtrans',`
|
|||||||
#
|
#
|
||||||
# netutils_exec(domain)
|
# netutils_exec(domain)
|
||||||
#
|
#
|
||||||
define(`netutils_exec',`
|
interface(`netutils_exec',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type netutils_exec_t;
|
type netutils_exec_t;
|
||||||
')
|
')
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`rpm_domtrans',`
|
interface(`rpm_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type rpm_t, rpm_exec_t;
|
type rpm_t, rpm_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -45,7 +45,7 @@ define(`rpm_domtrans',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`rpm_run',`
|
interface(`rpm_run',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type rpm_t, rpm_script_t;
|
type rpm_t, rpm_script_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -67,7 +67,7 @@ define(`rpm_run',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`rpm_use_fd',`
|
interface(`rpm_use_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type rpm_t;
|
type rpm_t;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -86,7 +86,7 @@ define(`rpm_use_fd',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`rpm_read_pipe',`
|
interface(`rpm_read_pipe',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type rpm_t;
|
type rpm_t;
|
||||||
class fifo_file r_file_perms;
|
class fifo_file r_file_perms;
|
||||||
@ -105,7 +105,7 @@ define(`rpm_read_pipe',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`rpm_read_db',`
|
interface(`rpm_read_db',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type rpm_var_lib_t_t;
|
type rpm_var_lib_t_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -122,7 +122,7 @@ define(`rpm_read_db',`
|
|||||||
#
|
#
|
||||||
# rpm_manage_db(domain)
|
# rpm_manage_db(domain)
|
||||||
#
|
#
|
||||||
define(`rpm_manage_db',`
|
interface(`rpm_manage_db',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type rpm_var_lib_t_t;
|
type rpm_var_lib_t_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`usermanage_domtrans_chfn',`
|
interface(`usermanage_domtrans_chfn',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type chfn_t, chfn_exec_t;
|
type chfn_t, chfn_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -46,7 +46,7 @@ define(`usermanage_domtrans_chfn',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`usermanage_run_chfn',`
|
interface(`usermanage_run_chfn',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type chfn_t;
|
type chfn_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -67,7 +67,7 @@ define(`usermanage_run_chfn',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`usermanage_domtrans_groupadd',`
|
interface(`usermanage_domtrans_groupadd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type groupadd_t, groupadd_exec_t;
|
type groupadd_t, groupadd_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -102,7 +102,7 @@ define(`usermanage_domtrans_groupadd',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`usermanage_run_groupadd',`
|
interface(`usermanage_run_groupadd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type groupadd_t;
|
type groupadd_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -123,7 +123,7 @@ define(`usermanage_run_groupadd',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`usermanage_domtrans_passwd',`
|
interface(`usermanage_domtrans_passwd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type passwd_t, passwd_exec_t;
|
type passwd_t, passwd_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -158,7 +158,7 @@ define(`usermanage_domtrans_passwd',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`usermanage_run_passwd',`
|
interface(`usermanage_run_passwd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type passwd_t;
|
type passwd_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -179,7 +179,7 @@ define(`usermanage_run_passwd',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`usermanage_domtrans_useradd',`
|
interface(`usermanage_domtrans_useradd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type useradd_t, useradd_exec_t;
|
type useradd_t, useradd_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -214,7 +214,7 @@ define(`usermanage_domtrans_useradd',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`usermanage_run_useradd',`
|
interface(`usermanage_run_useradd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type useradd_t;
|
type useradd_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
|
@ -24,7 +24,7 @@
|
|||||||
## is the prefix for user_t).
|
## is the prefix for user_t).
|
||||||
## </parameter>
|
## </parameter>
|
||||||
#
|
#
|
||||||
define(`gpg_per_userdomain_template',`
|
template(`gpg_per_userdomain_template',`
|
||||||
gen_require(`$0'_depend)
|
gen_require(`$0'_depend)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_domtrans',`
|
interface(`bootloader_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type bootloader_t;
|
type bootloader_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -44,7 +44,7 @@ define(`bootloader_domtrans',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_run',`
|
interface(`bootloader_run',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type bootloader_t;
|
type bootloader_t;
|
||||||
class chr_file rw_file_perms;
|
class chr_file rw_file_perms;
|
||||||
@ -66,7 +66,7 @@ define(`bootloader_run',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_search_boot_dir',`
|
interface(`bootloader_search_boot_dir',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type boot_t;
|
type boot_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -85,7 +85,7 @@ define(`bootloader_search_boot_dir',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_dontaudit_search_boot',`
|
interface(`bootloader_dontaudit_search_boot',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type boot_t;
|
type boot_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -105,7 +105,7 @@ define(`bootloader_dontaudit_search_boot',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_rw_boot_symlinks',`
|
interface(`bootloader_rw_boot_symlinks',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type boot_t;
|
type boot_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -126,7 +126,7 @@ define(`bootloader_rw_boot_symlinks',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_create_kernel',`
|
interface(`bootloader_create_kernel',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type boot_t;
|
type boot_t;
|
||||||
class dir ra_dir_perms;
|
class dir ra_dir_perms;
|
||||||
@ -149,7 +149,7 @@ define(`bootloader_create_kernel',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_create_kernel_symbol_table',`
|
interface(`bootloader_create_kernel_symbol_table',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type boot_t, system_map_t;
|
type boot_t, system_map_t;
|
||||||
class dir ra_dir_perms;
|
class dir ra_dir_perms;
|
||||||
@ -170,7 +170,7 @@ define(`bootloader_create_kernel_symbol_table',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_read_kernel_symbol_table',`
|
interface(`bootloader_read_kernel_symbol_table',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type boot_t, system_map_t;
|
type boot_t, system_map_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -191,7 +191,7 @@ define(`bootloader_read_kernel_symbol_table',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_delete_kernel',`
|
interface(`bootloader_delete_kernel',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type boot_t;
|
type boot_t;
|
||||||
class dir { r_dir_perms write remove_name };
|
class dir { r_dir_perms write remove_name };
|
||||||
@ -212,7 +212,7 @@ define(`bootloader_delete_kernel',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_delete_kernel_symbol_table',`
|
interface(`bootloader_delete_kernel_symbol_table',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type boot_t, system_map_t;
|
type boot_t, system_map_t;
|
||||||
class dir { r_dir_perms write remove_name };
|
class dir { r_dir_perms write remove_name };
|
||||||
@ -233,7 +233,7 @@ define(`bootloader_delete_kernel_symbol_table',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_read_config',`
|
interface(`bootloader_read_config',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type bootloader_etc_t;
|
type bootloader_etc_t;
|
||||||
class file r_file_perms;
|
class file r_file_perms;
|
||||||
@ -253,7 +253,7 @@ define(`bootloader_read_config',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_rw_config',`
|
interface(`bootloader_rw_config',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type bootloader_etc_t;
|
type bootloader_etc_t;
|
||||||
class file rw_file_perms;
|
class file rw_file_perms;
|
||||||
@ -273,7 +273,7 @@ define(`bootloader_rw_config',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_rw_tmp_file',`
|
interface(`bootloader_rw_tmp_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type bootloader_tmp_t;
|
type bootloader_tmp_t;
|
||||||
class file rw_file_perms;
|
class file rw_file_perms;
|
||||||
@ -294,7 +294,7 @@ define(`bootloader_rw_tmp_file',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_create_runtime_file',`
|
interface(`bootloader_create_runtime_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type boot_t, boot_runtime_t;
|
type boot_t, boot_runtime_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -316,7 +316,7 @@ define(`bootloader_create_runtime_file',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_list_kernel_modules',`
|
interface(`bootloader_list_kernel_modules',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type modules_object_t;
|
type modules_object_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -335,7 +335,7 @@ define(`bootloader_list_kernel_modules',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_read_kernel_modules',`
|
interface(`bootloader_read_kernel_modules',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type modules_object_t;
|
type modules_object_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -358,7 +358,7 @@ define(`bootloader_read_kernel_modules',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_write_kernel_modules',`
|
interface(`bootloader_write_kernel_modules',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute rw_kern_modules;
|
attribute rw_kern_modules;
|
||||||
type modules_object_t;
|
type modules_object_t;
|
||||||
@ -383,7 +383,7 @@ define(`bootloader_write_kernel_modules',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`bootloader_manage_kernel_modules',`
|
interface(`bootloader_manage_kernel_modules',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute rw_kern_modules;
|
attribute rw_kern_modules;
|
||||||
type modules_object_t;
|
type modules_object_t;
|
||||||
@ -401,7 +401,7 @@ define(`bootloader_manage_kernel_modules',`
|
|||||||
#
|
#
|
||||||
# bootloader_create_private_module_dir_entry(domain,privatetype,[class(es)])
|
# bootloader_create_private_module_dir_entry(domain,privatetype,[class(es)])
|
||||||
#
|
#
|
||||||
define(`bootloader_create_private_module_dir_entry',`
|
interface(`bootloader_create_private_module_dir_entry',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type modules_object_t;
|
type modules_object_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
|
@ -12,7 +12,7 @@
|
|||||||
## <infoflow type="both" weight="10"/>
|
## <infoflow type="both" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_sendrecv_generic_if',`
|
interface(`corenet_tcp_sendrecv_generic_if',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type netif_t;
|
type netif_t;
|
||||||
class netif { tcp_send tcp_recv };
|
class netif { tcp_send tcp_recv };
|
||||||
@ -25,7 +25,7 @@ define(`corenet_tcp_sendrecv_generic_if',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_send_generic_if(domain)
|
# corenet_udp_send_generic_if(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_send_generic_if',`
|
interface(`corenet_udp_send_generic_if',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type netif_t;
|
type netif_t;
|
||||||
class netif udp_send;
|
class netif udp_send;
|
||||||
@ -38,7 +38,7 @@ define(`corenet_udp_send_generic_if',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_receive_generic_if(domain)
|
# corenet_udp_receive_generic_if(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_receive_generic_if',`
|
interface(`corenet_udp_receive_generic_if',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type netif_t;
|
type netif_t;
|
||||||
class netif udp_recv;
|
class netif udp_recv;
|
||||||
@ -51,7 +51,7 @@ define(`corenet_udp_receive_generic_if',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_sendrecv_generic_if(domain)
|
# corenet_udp_sendrecv_generic_if(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_sendrecv_generic_if',`
|
interface(`corenet_udp_sendrecv_generic_if',`
|
||||||
corenet_udp_send_generic_if($1)
|
corenet_udp_send_generic_if($1)
|
||||||
corenet_udp_receive_generic_if($1)
|
corenet_udp_receive_generic_if($1)
|
||||||
')
|
')
|
||||||
@ -60,7 +60,7 @@ define(`corenet_udp_sendrecv_generic_if',`
|
|||||||
#
|
#
|
||||||
# corenet_raw_send_generic_if(domain)
|
# corenet_raw_send_generic_if(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_raw_send_generic_if',`
|
interface(`corenet_raw_send_generic_if',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type netif_t;
|
type netif_t;
|
||||||
class netif rawip_send;
|
class netif rawip_send;
|
||||||
@ -75,7 +75,7 @@ define(`corenet_raw_send_generic_if',`
|
|||||||
#
|
#
|
||||||
# corenet_raw_receive_generic_if(domain)
|
# corenet_raw_receive_generic_if(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_raw_receive_generic_if',`
|
interface(`corenet_raw_receive_generic_if',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type netif_t;
|
type netif_t;
|
||||||
class netif rawip_recv;
|
class netif rawip_recv;
|
||||||
@ -88,7 +88,7 @@ define(`corenet_raw_receive_generic_if',`
|
|||||||
#
|
#
|
||||||
# corenet_raw_sendrecv_generic_if(domain)
|
# corenet_raw_sendrecv_generic_if(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_raw_sendrecv_generic_if',`
|
interface(`corenet_raw_sendrecv_generic_if',`
|
||||||
corenet_raw_send_generic_if($1)
|
corenet_raw_send_generic_if($1)
|
||||||
corenet_raw_receive_generic_if($1)
|
corenet_raw_receive_generic_if($1)
|
||||||
')
|
')
|
||||||
@ -97,7 +97,7 @@ define(`corenet_raw_sendrecv_generic_if',`
|
|||||||
#
|
#
|
||||||
# corenet_tcp_sendrecv_all_if(domain)
|
# corenet_tcp_sendrecv_all_if(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_sendrecv_all_if',`
|
interface(`corenet_tcp_sendrecv_all_if',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute netif_type;
|
attribute netif_type;
|
||||||
class netif { tcp_send tcp_recv };
|
class netif { tcp_send tcp_recv };
|
||||||
@ -110,7 +110,7 @@ define(`corenet_tcp_sendrecv_all_if',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_send_all_if(domain)
|
# corenet_udp_send_all_if(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_send_all_if',`
|
interface(`corenet_udp_send_all_if',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute netif_type;
|
attribute netif_type;
|
||||||
class netif udp_send;
|
class netif udp_send;
|
||||||
@ -123,7 +123,7 @@ define(`corenet_udp_send_all_if',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_receive_all_if(domain)
|
# corenet_udp_receive_all_if(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_receive_all_if',`
|
interface(`corenet_udp_receive_all_if',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute netif_type;
|
attribute netif_type;
|
||||||
class netif udp_recv;
|
class netif udp_recv;
|
||||||
@ -136,7 +136,7 @@ define(`corenet_udp_receive_all_if',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_sendrecv_all_if(domain)
|
# corenet_udp_sendrecv_all_if(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_sendrecv_all_if',`
|
interface(`corenet_udp_sendrecv_all_if',`
|
||||||
corenet_udp_send_all_if($1)
|
corenet_udp_send_all_if($1)
|
||||||
corenet_udp_receive_all_if($1)
|
corenet_udp_receive_all_if($1)
|
||||||
')
|
')
|
||||||
@ -145,7 +145,7 @@ define(`corenet_udp_sendrecv_all_if',`
|
|||||||
#
|
#
|
||||||
# corenet_raw_send_all_if(domain)
|
# corenet_raw_send_all_if(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_raw_send_all_if',`
|
interface(`corenet_raw_send_all_if',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute netif_type;
|
attribute netif_type;
|
||||||
class netif rawip_send;
|
class netif rawip_send;
|
||||||
@ -160,7 +160,7 @@ define(`corenet_raw_send_all_if',`
|
|||||||
#
|
#
|
||||||
# corenet_raw_receive_all_if(domain)
|
# corenet_raw_receive_all_if(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_raw_receive_all_if',`
|
interface(`corenet_raw_receive_all_if',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute netif_type;
|
attribute netif_type;
|
||||||
class netif rawip_recv;
|
class netif rawip_recv;
|
||||||
@ -173,7 +173,7 @@ define(`corenet_raw_receive_all_if',`
|
|||||||
#
|
#
|
||||||
# corenet_raw_sendrecv_all_if(domain)
|
# corenet_raw_sendrecv_all_if(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_raw_sendrecv_all_if',`
|
interface(`corenet_raw_sendrecv_all_if',`
|
||||||
corenet_raw_send_all_if($1)
|
corenet_raw_send_all_if($1)
|
||||||
corenet_raw_receive_all_if($1)
|
corenet_raw_receive_all_if($1)
|
||||||
')
|
')
|
||||||
@ -182,7 +182,7 @@ define(`corenet_raw_sendrecv_all_if',`
|
|||||||
#
|
#
|
||||||
# corenet_tcp_sendrecv_generic_node(domain)
|
# corenet_tcp_sendrecv_generic_node(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_sendrecv_generic_node',`
|
interface(`corenet_tcp_sendrecv_generic_node',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type node_t;
|
type node_t;
|
||||||
class node { tcp_send tcp_recv };
|
class node { tcp_send tcp_recv };
|
||||||
@ -195,7 +195,7 @@ define(`corenet_tcp_sendrecv_generic_node',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_send_generic_node(domain)
|
# corenet_udp_send_generic_node(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_send_generic_node',`
|
interface(`corenet_udp_send_generic_node',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type node_t;
|
type node_t;
|
||||||
class node udp_send;
|
class node udp_send;
|
||||||
@ -208,7 +208,7 @@ define(`corenet_udp_send_generic_node',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_receive_generic_node(domain)
|
# corenet_udp_receive_generic_node(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_receive_generic_node',`
|
interface(`corenet_udp_receive_generic_node',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type node_t;
|
type node_t;
|
||||||
class node udp_recv;
|
class node udp_recv;
|
||||||
@ -221,7 +221,7 @@ define(`corenet_udp_receive_generic_node',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_sendrecv_generic_node(domain)
|
# corenet_udp_sendrecv_generic_node(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_sendrecv_generic_node',`
|
interface(`corenet_udp_sendrecv_generic_node',`
|
||||||
corenet_udp_send_generic_node($1)
|
corenet_udp_send_generic_node($1)
|
||||||
corenet_udp_receive_generic_node($1)
|
corenet_udp_receive_generic_node($1)
|
||||||
')
|
')
|
||||||
@ -230,7 +230,7 @@ define(`corenet_udp_sendrecv_generic_node',`
|
|||||||
#
|
#
|
||||||
# corenet_raw_send_generic_node(domain)
|
# corenet_raw_send_generic_node(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_raw_send_generic_node',`
|
interface(`corenet_raw_send_generic_node',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type node_t;
|
type node_t;
|
||||||
class node rawip_send;
|
class node rawip_send;
|
||||||
@ -243,7 +243,7 @@ define(`corenet_raw_send_generic_node',`
|
|||||||
#
|
#
|
||||||
# corenet_raw_receive_generic_node(domain)
|
# corenet_raw_receive_generic_node(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_raw_receive_generic_node',`
|
interface(`corenet_raw_receive_generic_node',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type node_t;
|
type node_t;
|
||||||
class node rawip_recv;
|
class node rawip_recv;
|
||||||
@ -256,7 +256,7 @@ define(`corenet_raw_receive_generic_node',`
|
|||||||
#
|
#
|
||||||
# corenet_raw_sendrecv_generic_node(domain)
|
# corenet_raw_sendrecv_generic_node(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_raw_sendrecv_generic_node',`
|
interface(`corenet_raw_sendrecv_generic_node',`
|
||||||
corenet_raw_send_generic_node($1)
|
corenet_raw_send_generic_node($1)
|
||||||
corenet_raw_receive_generic_node($1)
|
corenet_raw_receive_generic_node($1)
|
||||||
')
|
')
|
||||||
@ -265,7 +265,7 @@ define(`corenet_raw_sendrecv_generic_node',`
|
|||||||
#
|
#
|
||||||
# corenet_tcp_bind_generic_node(domain)
|
# corenet_tcp_bind_generic_node(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_bind_generic_node',`
|
interface(`corenet_tcp_bind_generic_node',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type node_t;
|
type node_t;
|
||||||
class tcp_socket node_bind;
|
class tcp_socket node_bind;
|
||||||
@ -278,7 +278,7 @@ define(`corenet_tcp_bind_generic_node',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_bind_generic_node(domain)
|
# corenet_udp_bind_generic_node(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_bind_generic_node',`
|
interface(`corenet_udp_bind_generic_node',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type node_t;
|
type node_t;
|
||||||
class udp_socket node_bind;
|
class udp_socket node_bind;
|
||||||
@ -291,7 +291,7 @@ define(`corenet_udp_bind_generic_node',`
|
|||||||
#
|
#
|
||||||
# corenet_tcp_sendrecv_all_nodes(domain)
|
# corenet_tcp_sendrecv_all_nodes(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_sendrecv_all_nodes',`
|
interface(`corenet_tcp_sendrecv_all_nodes',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute node_type;
|
attribute node_type;
|
||||||
class node { tcp_send tcp_recv };
|
class node { tcp_send tcp_recv };
|
||||||
@ -304,7 +304,7 @@ define(`corenet_tcp_sendrecv_all_nodes',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_send_all_nodes(domain)
|
# corenet_udp_send_all_nodes(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_send_all_nodes',`
|
interface(`corenet_udp_send_all_nodes',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute node_type;
|
attribute node_type;
|
||||||
class node udp_send;
|
class node udp_send;
|
||||||
@ -317,7 +317,7 @@ define(`corenet_udp_send_all_nodes',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_receive_all_nodes(domain)
|
# corenet_udp_receive_all_nodes(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_receive_all_nodes',`
|
interface(`corenet_udp_receive_all_nodes',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute node_type;
|
attribute node_type;
|
||||||
class node udp_recv;
|
class node udp_recv;
|
||||||
@ -330,7 +330,7 @@ define(`corenet_udp_receive_all_nodes',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_sendrecv_all_nodes(domain)
|
# corenet_udp_sendrecv_all_nodes(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_sendrecv_all_nodes',`
|
interface(`corenet_udp_sendrecv_all_nodes',`
|
||||||
corenet_udp_send_all_nodes($1)
|
corenet_udp_send_all_nodes($1)
|
||||||
corenet_udp_receive_all_nodes($1)
|
corenet_udp_receive_all_nodes($1)
|
||||||
')
|
')
|
||||||
@ -339,7 +339,7 @@ define(`corenet_udp_sendrecv_all_nodes',`
|
|||||||
#
|
#
|
||||||
# corenet_raw_send_all_nodes(domain)
|
# corenet_raw_send_all_nodes(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_raw_send_all_nodes',`
|
interface(`corenet_raw_send_all_nodes',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute node_type;
|
attribute node_type;
|
||||||
class node rawip_send;
|
class node rawip_send;
|
||||||
@ -352,7 +352,7 @@ define(`corenet_raw_send_all_nodes',`
|
|||||||
#
|
#
|
||||||
# corenet_raw_receive_all_nodes(domain)
|
# corenet_raw_receive_all_nodes(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_raw_receive_all_nodes',`
|
interface(`corenet_raw_receive_all_nodes',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute node_type;
|
attribute node_type;
|
||||||
class node rawip_recv;
|
class node rawip_recv;
|
||||||
@ -365,7 +365,7 @@ define(`corenet_raw_receive_all_nodes',`
|
|||||||
#
|
#
|
||||||
# corenet_raw_sendrecv_all_nodes(domain)
|
# corenet_raw_sendrecv_all_nodes(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_raw_sendrecv_all_nodes',`
|
interface(`corenet_raw_sendrecv_all_nodes',`
|
||||||
corenet_raw_send_all_nodes($1)
|
corenet_raw_send_all_nodes($1)
|
||||||
corenet_raw_receive_all_nodes($1)
|
corenet_raw_receive_all_nodes($1)
|
||||||
')
|
')
|
||||||
@ -374,7 +374,7 @@ define(`corenet_raw_sendrecv_all_nodes',`
|
|||||||
#
|
#
|
||||||
# corenet_tcp_bind_all_nodes(domain)
|
# corenet_tcp_bind_all_nodes(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_bind_all_nodes',`
|
interface(`corenet_tcp_bind_all_nodes',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute node_type;
|
attribute node_type;
|
||||||
class tcp_socket node_bind;
|
class tcp_socket node_bind;
|
||||||
@ -387,7 +387,7 @@ define(`corenet_tcp_bind_all_nodes',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_bind_all_nodes(domain)
|
# corenet_udp_bind_all_nodes(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_bind_all_nodes',`
|
interface(`corenet_udp_bind_all_nodes',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute node_type;
|
attribute node_type;
|
||||||
class udp_socket node_bind;
|
class udp_socket node_bind;
|
||||||
@ -400,7 +400,7 @@ define(`corenet_udp_bind_all_nodes',`
|
|||||||
#
|
#
|
||||||
# corenet_tcp_sendrecv_generic_port(domain)
|
# corenet_tcp_sendrecv_generic_port(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_sendrecv_generic_port',`
|
interface(`corenet_tcp_sendrecv_generic_port',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type port_t;
|
type port_t;
|
||||||
class tcp_socket { send_msg recv_msg };
|
class tcp_socket { send_msg recv_msg };
|
||||||
@ -413,7 +413,7 @@ define(`corenet_tcp_sendrecv_generic_port',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_send_generic_port(domain)
|
# corenet_udp_send_generic_port(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_send_generic_port',`
|
interface(`corenet_udp_send_generic_port',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type port_t;
|
type port_t;
|
||||||
class udp_socket send_msg;
|
class udp_socket send_msg;
|
||||||
@ -426,7 +426,7 @@ define(`corenet_udp_send_generic_port',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_receive_generic_port(domain)
|
# corenet_udp_receive_generic_port(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_receive_generic_port',`
|
interface(`corenet_udp_receive_generic_port',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type port_t;
|
type port_t;
|
||||||
class udp_socket recv_msg;
|
class udp_socket recv_msg;
|
||||||
@ -439,7 +439,7 @@ define(`corenet_udp_receive_generic_port',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_sendrecv_generic_port(domain)
|
# corenet_udp_sendrecv_generic_port(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_sendrecv_generic_port',`
|
interface(`corenet_udp_sendrecv_generic_port',`
|
||||||
corenet_udp_send_generic_port($1)
|
corenet_udp_send_generic_port($1)
|
||||||
corenet_udp_receive_generic_port($1)
|
corenet_udp_receive_generic_port($1)
|
||||||
')
|
')
|
||||||
@ -448,7 +448,7 @@ define(`corenet_udp_sendrecv_generic_port',`
|
|||||||
#
|
#
|
||||||
# corenet_tcp_bind_generic_port(domain)
|
# corenet_tcp_bind_generic_port(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_bind_generic_port',`
|
interface(`corenet_tcp_bind_generic_port',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type port_t;
|
type port_t;
|
||||||
class tcp_socket name_bind;
|
class tcp_socket name_bind;
|
||||||
@ -461,7 +461,7 @@ define(`corenet_tcp_bind_generic_port',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_bind_generic_port(domain)
|
# corenet_udp_bind_generic_port(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_bind_generic_port',`
|
interface(`corenet_udp_bind_generic_port',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type port_t;
|
type port_t;
|
||||||
class udp_socket name_bind;
|
class udp_socket name_bind;
|
||||||
@ -474,7 +474,7 @@ define(`corenet_udp_bind_generic_port',`
|
|||||||
#
|
#
|
||||||
# corenet_tcp_sendrecv_all_ports(domain)
|
# corenet_tcp_sendrecv_all_ports(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_sendrecv_all_ports',`
|
interface(`corenet_tcp_sendrecv_all_ports',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute port_type;
|
attribute port_type;
|
||||||
class tcp_socket { send_msg recv_msg };
|
class tcp_socket { send_msg recv_msg };
|
||||||
@ -487,7 +487,7 @@ define(`corenet_tcp_sendrecv_all_ports',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_send_all_ports(domain)
|
# corenet_udp_send_all_ports(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_send_all_ports',`
|
interface(`corenet_udp_send_all_ports',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute port_type;
|
attribute port_type;
|
||||||
class udp_socket send_msg;
|
class udp_socket send_msg;
|
||||||
@ -500,7 +500,7 @@ define(`corenet_udp_send_all_ports',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_receive_all_ports(domain)
|
# corenet_udp_receive_all_ports(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_receive_all_ports',`
|
interface(`corenet_udp_receive_all_ports',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute port_type;
|
attribute port_type;
|
||||||
class udp_socket recv_msg;
|
class udp_socket recv_msg;
|
||||||
@ -513,7 +513,7 @@ define(`corenet_udp_receive_all_ports',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_sendrecv_all_ports(domain)
|
# corenet_udp_sendrecv_all_ports(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_sendrecv_all_ports',`
|
interface(`corenet_udp_sendrecv_all_ports',`
|
||||||
corenet_udp_send_all_ports($1)
|
corenet_udp_send_all_ports($1)
|
||||||
corenet_udp_receive_all_ports($1)
|
corenet_udp_receive_all_ports($1)
|
||||||
')
|
')
|
||||||
@ -522,7 +522,7 @@ define(`corenet_udp_sendrecv_all_ports',`
|
|||||||
#
|
#
|
||||||
# corenet_tcp_bind_all_ports(domain)
|
# corenet_tcp_bind_all_ports(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_bind_all_ports',`
|
interface(`corenet_tcp_bind_all_ports',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute port_type;
|
attribute port_type;
|
||||||
class tcp_socket name_bind;
|
class tcp_socket name_bind;
|
||||||
@ -535,7 +535,7 @@ define(`corenet_tcp_bind_all_ports',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_bind_all_ports(domain)
|
# corenet_udp_bind_all_ports(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_bind_all_ports',`
|
interface(`corenet_udp_bind_all_ports',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute port_type;
|
attribute port_type;
|
||||||
class udp_socket name_bind;
|
class udp_socket name_bind;
|
||||||
@ -548,7 +548,7 @@ define(`corenet_udp_bind_all_ports',`
|
|||||||
#
|
#
|
||||||
# corenet_tcp_sendrecv_reserved_port(domain)
|
# corenet_tcp_sendrecv_reserved_port(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_sendrecv_reserved_port',`
|
interface(`corenet_tcp_sendrecv_reserved_port',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type reserved_port_t;
|
type reserved_port_t;
|
||||||
class tcp_socket { send_msg recv_msg };
|
class tcp_socket { send_msg recv_msg };
|
||||||
@ -561,7 +561,7 @@ define(`corenet_tcp_sendrecv_reserved_port',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_send_reserved_port(domain)
|
# corenet_udp_send_reserved_port(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_send_reserved_port',`
|
interface(`corenet_udp_send_reserved_port',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type reserved_port_t;
|
type reserved_port_t;
|
||||||
class udp_socket send_msg;
|
class udp_socket send_msg;
|
||||||
@ -574,7 +574,7 @@ define(`corenet_udp_send_reserved_port',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_receive_reserved_port(domain)
|
# corenet_udp_receive_reserved_port(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_receive_reserved_port',`
|
interface(`corenet_udp_receive_reserved_port',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type reserved_port_t;
|
type reserved_port_t;
|
||||||
class udp_socket recv_msg;
|
class udp_socket recv_msg;
|
||||||
@ -587,7 +587,7 @@ define(`corenet_udp_receive_reserved_port',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_sendrecv_reserved_port(domain)
|
# corenet_udp_sendrecv_reserved_port(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_sendrecv_reserved_port',`
|
interface(`corenet_udp_sendrecv_reserved_port',`
|
||||||
corenet_udp_send_reserved_port($1)
|
corenet_udp_send_reserved_port($1)
|
||||||
corenet_udp_receive_reserved_port($1)
|
corenet_udp_receive_reserved_port($1)
|
||||||
')
|
')
|
||||||
@ -596,7 +596,7 @@ define(`corenet_udp_sendrecv_reserved_port',`
|
|||||||
#
|
#
|
||||||
# corenet_tcp_bind_reserved_port(domain)
|
# corenet_tcp_bind_reserved_port(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_bind_reserved_port',`
|
interface(`corenet_tcp_bind_reserved_port',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type reserved_port_t;
|
type reserved_port_t;
|
||||||
class tcp_socket name_bind;
|
class tcp_socket name_bind;
|
||||||
@ -611,7 +611,7 @@ define(`corenet_tcp_bind_reserved_port',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_bind_reserved_port(domain)
|
# corenet_udp_bind_reserved_port(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_bind_reserved_port',`
|
interface(`corenet_udp_bind_reserved_port',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type reserved_port_t;
|
type reserved_port_t;
|
||||||
class udp_socket name_bind;
|
class udp_socket name_bind;
|
||||||
@ -626,7 +626,7 @@ define(`corenet_udp_bind_reserved_port',`
|
|||||||
#
|
#
|
||||||
# corenet_tcp_sendrecv_all_reserved_ports(domain)
|
# corenet_tcp_sendrecv_all_reserved_ports(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_sendrecv_all_reserved_ports',`
|
interface(`corenet_tcp_sendrecv_all_reserved_ports',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute reserved_port_type;
|
attribute reserved_port_type;
|
||||||
class tcp_socket { send_msg recv_msg };
|
class tcp_socket { send_msg recv_msg };
|
||||||
@ -639,7 +639,7 @@ define(`corenet_tcp_sendrecv_all_reserved_ports',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_send_all_reserved_ports(domain)
|
# corenet_udp_send_all_reserved_ports(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_send_all_reserved_ports',`
|
interface(`corenet_udp_send_all_reserved_ports',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute reserved_port_type;
|
attribute reserved_port_type;
|
||||||
class udp_socket send_msg;
|
class udp_socket send_msg;
|
||||||
@ -652,7 +652,7 @@ define(`corenet_udp_send_all_reserved_ports',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_receive_all_reserved_ports(domain)
|
# corenet_udp_receive_all_reserved_ports(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_receive_all_reserved_ports',`
|
interface(`corenet_udp_receive_all_reserved_ports',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute reserved_port_type;
|
attribute reserved_port_type;
|
||||||
class udp_socket recv_msg;
|
class udp_socket recv_msg;
|
||||||
@ -665,7 +665,7 @@ define(`corenet_udp_receive_all_reserved_ports',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_sendrecv_all_reserved_ports(domain)
|
# corenet_udp_sendrecv_all_reserved_ports(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_sendrecv_all_reserved_ports',`
|
interface(`corenet_udp_sendrecv_all_reserved_ports',`
|
||||||
corenet_udp_send_all_reserved_ports($1)
|
corenet_udp_send_all_reserved_ports($1)
|
||||||
corenet_udp_receive_all_reserved_ports($1)
|
corenet_udp_receive_all_reserved_ports($1)
|
||||||
')
|
')
|
||||||
@ -674,7 +674,7 @@ define(`corenet_udp_sendrecv_all_reserved_ports',`
|
|||||||
#
|
#
|
||||||
# corenet_tcp_bind_all_reserved_ports(domain)
|
# corenet_tcp_bind_all_reserved_ports(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_bind_all_reserved_ports',`
|
interface(`corenet_tcp_bind_all_reserved_ports',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute reserved_port_type;
|
attribute reserved_port_type;
|
||||||
class tcp_socket name_bind;
|
class tcp_socket name_bind;
|
||||||
@ -689,7 +689,7 @@ define(`corenet_tcp_bind_all_reserved_ports',`
|
|||||||
#
|
#
|
||||||
# corenet_dontaudit_tcp_bind_all_reserved_ports(domain)
|
# corenet_dontaudit_tcp_bind_all_reserved_ports(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_dontaudit_tcp_bind_all_reserved_ports',`
|
interface(`corenet_dontaudit_tcp_bind_all_reserved_ports',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute reserved_port_type;
|
attribute reserved_port_type;
|
||||||
class tcp_socket name_bind;
|
class tcp_socket name_bind;
|
||||||
@ -702,7 +702,7 @@ define(`corenet_dontaudit_tcp_bind_all_reserved_ports',`
|
|||||||
#
|
#
|
||||||
# corenet_udp_bind_all_reserved_ports(domain)
|
# corenet_udp_bind_all_reserved_ports(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_udp_bind_all_reserved_ports',`
|
interface(`corenet_udp_bind_all_reserved_ports',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute reserved_port_type;
|
attribute reserved_port_type;
|
||||||
class udp_socket name_bind;
|
class udp_socket name_bind;
|
||||||
@ -717,7 +717,7 @@ define(`corenet_udp_bind_all_reserved_ports',`
|
|||||||
#
|
#
|
||||||
# corenet_dontaudit_udp_bind_all_reserved_ports(domain)
|
# corenet_dontaudit_udp_bind_all_reserved_ports(domain)
|
||||||
#
|
#
|
||||||
define(`corenet_dontaudit_udp_bind_all_reserved_ports',`
|
interface(`corenet_dontaudit_udp_bind_all_reserved_ports',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute reserved_port_type;
|
attribute reserved_port_type;
|
||||||
class udp_socket name_bind;
|
class udp_socket name_bind;
|
||||||
|
@ -16,7 +16,7 @@ define(`create_netif_interfaces',``
|
|||||||
## <infoflow type="both" weight="10"/>
|
## <infoflow type="both" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_sendrecv_$1',`
|
interface(`corenet_tcp_sendrecv_$1',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_netif_t;
|
type $1_netif_t;
|
||||||
class netif { tcp_send tcp_recv };
|
class netif { tcp_send tcp_recv };
|
||||||
@ -36,7 +36,7 @@ define(`corenet_tcp_sendrecv_$1',`
|
|||||||
## <infoflow type="write" weight="10"/>
|
## <infoflow type="write" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_udp_send_$1',`
|
interface(`corenet_udp_send_$1',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_netif_t;
|
type $1_netif_t;
|
||||||
class netif udp_send;
|
class netif udp_send;
|
||||||
@ -56,7 +56,7 @@ define(`corenet_udp_send_$1',`
|
|||||||
## <infoflow type="read" weight="10"/>
|
## <infoflow type="read" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_udp_receive_$1',`
|
interface(`corenet_udp_receive_$1',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_netif_t;
|
type $1_netif_t;
|
||||||
class netif udp_recv;
|
class netif udp_recv;
|
||||||
@ -76,7 +76,7 @@ define(`corenet_udp_receive_$1',`
|
|||||||
## <infoflow type="both" weight="10"/>
|
## <infoflow type="both" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_udp_sendrecv_$1',`
|
interface(`corenet_udp_sendrecv_$1',`
|
||||||
corenet_udp_send_$1(dollarsone)
|
corenet_udp_send_$1(dollarsone)
|
||||||
corenet_udp_receive_$1(dollarsone)
|
corenet_udp_receive_$1(dollarsone)
|
||||||
')
|
')
|
||||||
@ -92,7 +92,7 @@ define(`corenet_udp_sendrecv_$1',`
|
|||||||
## <infoflow type="write" weight="10"/>
|
## <infoflow type="write" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_raw_send_$1',`
|
interface(`corenet_raw_send_$1',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_netif_t;
|
type $1_netif_t;
|
||||||
class netif rawip_send;
|
class netif rawip_send;
|
||||||
@ -114,7 +114,7 @@ define(`corenet_raw_send_$1',`
|
|||||||
## <infoflow type="read" weight="10"/>
|
## <infoflow type="read" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_raw_receive_$1',`
|
interface(`corenet_raw_receive_$1',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_netif_t;
|
type $1_netif_t;
|
||||||
class netif rawip_recv;
|
class netif rawip_recv;
|
||||||
@ -134,7 +134,7 @@ define(`corenet_raw_receive_$1',`
|
|||||||
## <infoflow type="both" weight="10"/>
|
## <infoflow type="both" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_raw_sendrecv_$1',`
|
interface(`corenet_raw_sendrecv_$1',`
|
||||||
corenet_raw_send_$1(dollarsone)
|
corenet_raw_send_$1(dollarsone)
|
||||||
corenet_raw_receive_$1(dollarsone)
|
corenet_raw_receive_$1(dollarsone)
|
||||||
')
|
')
|
||||||
@ -158,7 +158,7 @@ define(`create_node_interfaces',``
|
|||||||
## <infoflow type="both" weight="10"/>
|
## <infoflow type="both" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_sendrecv_$1_node',`
|
interface(`corenet_tcp_sendrecv_$1_node',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_node_t;
|
type $1_node_t;
|
||||||
class node { tcp_send tcp_recv };
|
class node { tcp_send tcp_recv };
|
||||||
@ -178,7 +178,7 @@ define(`corenet_tcp_sendrecv_$1_node',`
|
|||||||
## <infoflow type="write" weight="10"/>
|
## <infoflow type="write" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_udp_send_$1_node',`
|
interface(`corenet_udp_send_$1_node',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_node_t;
|
type $1_node_t;
|
||||||
class node udp_send;
|
class node udp_send;
|
||||||
@ -198,7 +198,7 @@ define(`corenet_udp_send_$1_node',`
|
|||||||
## <infoflow type="read" weight="10"/>
|
## <infoflow type="read" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_udp_receive_$1_node',`
|
interface(`corenet_udp_receive_$1_node',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_node_t;
|
type $1_node_t;
|
||||||
class node udp_recv;
|
class node udp_recv;
|
||||||
@ -218,7 +218,7 @@ define(`corenet_udp_receive_$1_node',`
|
|||||||
## <infoflow type="both" weight="10"/>
|
## <infoflow type="both" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_udp_sendrecv_$1_node',`
|
interface(`corenet_udp_sendrecv_$1_node',`
|
||||||
corenet_udp_send_$1_node(dollarsone)
|
corenet_udp_send_$1_node(dollarsone)
|
||||||
corenet_udp_receive_$1_node(dollarsone)
|
corenet_udp_receive_$1_node(dollarsone)
|
||||||
')
|
')
|
||||||
@ -234,7 +234,7 @@ define(`corenet_udp_sendrecv_$1_node',`
|
|||||||
## <infoflow type="write" weight="10"/>
|
## <infoflow type="write" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_raw_send_$1_node',`
|
interface(`corenet_raw_send_$1_node',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_node_t;
|
type $1_node_t;
|
||||||
class node rawip_send;
|
class node rawip_send;
|
||||||
@ -254,7 +254,7 @@ define(`corenet_raw_send_$1_node',`
|
|||||||
## <infoflow type="write" weight="10"/>
|
## <infoflow type="write" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_raw_receive_$1_node',`
|
interface(`corenet_raw_receive_$1_node',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_node_t;
|
type $1_node_t;
|
||||||
class node rawip_recv;
|
class node rawip_recv;
|
||||||
@ -274,7 +274,7 @@ define(`corenet_raw_receive_$1_node',`
|
|||||||
## <infoflow type="both" weight="10"/>
|
## <infoflow type="both" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_raw_sendrecv_$1_node',`
|
interface(`corenet_raw_sendrecv_$1_node',`
|
||||||
corenet_raw_send_$1_node(dollarsone)
|
corenet_raw_send_$1_node(dollarsone)
|
||||||
corenet_raw_receive_$1_node(dollarsone)
|
corenet_raw_receive_$1_node(dollarsone)
|
||||||
')
|
')
|
||||||
@ -290,7 +290,7 @@ define(`corenet_raw_sendrecv_$1_node',`
|
|||||||
## <infoflow type="none"/>
|
## <infoflow type="none"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_bind_$1_node',`
|
interface(`corenet_tcp_bind_$1_node',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_node_t;
|
type $1_node_t;
|
||||||
class tcp_socket node_bind;
|
class tcp_socket node_bind;
|
||||||
@ -310,7 +310,7 @@ define(`corenet_tcp_bind_$1_node',`
|
|||||||
## <infoflow type="none"/>
|
## <infoflow type="none"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_udp_bind_$1_node',`
|
interface(`corenet_udp_bind_$1_node',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_node_t;
|
type $1_node_t;
|
||||||
class udp_socket node_bind;
|
class udp_socket node_bind;
|
||||||
@ -338,7 +338,7 @@ define(`create_port_interfaces',``
|
|||||||
## <infoflow type="both" weight="10"/>
|
## <infoflow type="both" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_sendrecv_$1_port',`
|
interface(`corenet_tcp_sendrecv_$1_port',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_port_t;
|
type $1_port_t;
|
||||||
class tcp_socket { send_msg recv_msg };
|
class tcp_socket { send_msg recv_msg };
|
||||||
@ -358,7 +358,7 @@ define(`corenet_tcp_sendrecv_$1_port',`
|
|||||||
## <infoflow type="write" weight="10"/>
|
## <infoflow type="write" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_udp_send_$1_port',`
|
interface(`corenet_udp_send_$1_port',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_port_t;
|
type $1_port_t;
|
||||||
class udp_socket send_msg;
|
class udp_socket send_msg;
|
||||||
@ -378,7 +378,7 @@ define(`corenet_udp_send_$1_port',`
|
|||||||
## <infoflow type="read" weight="10"/>
|
## <infoflow type="read" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_udp_receive_$1_port',`
|
interface(`corenet_udp_receive_$1_port',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_port_t;
|
type $1_port_t;
|
||||||
class udp_socket recv_msg;
|
class udp_socket recv_msg;
|
||||||
@ -398,7 +398,7 @@ define(`corenet_udp_receive_$1_port',`
|
|||||||
## <infoflow type="both" weight="10"/>
|
## <infoflow type="both" weight="10"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_udp_sendrecv_$1_port',`
|
interface(`corenet_udp_sendrecv_$1_port',`
|
||||||
corenet_udp_send_$1_port(dollarsone)
|
corenet_udp_send_$1_port(dollarsone)
|
||||||
corenet_udp_receive_$1_port(dollarsone)
|
corenet_udp_receive_$1_port(dollarsone)
|
||||||
')
|
')
|
||||||
@ -414,7 +414,7 @@ define(`corenet_udp_sendrecv_$1_port',`
|
|||||||
## <infoflow type="none"/>
|
## <infoflow type="none"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_tcp_bind_$1_port',`
|
interface(`corenet_tcp_bind_$1_port',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_port_t;
|
type $1_port_t;
|
||||||
class tcp_socket name_bind;
|
class tcp_socket name_bind;
|
||||||
@ -435,7 +435,7 @@ define(`corenet_tcp_bind_$1_port',`
|
|||||||
## <infoflow type="none"/>
|
## <infoflow type="none"/>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corenet_udp_bind_$1_port',`
|
interface(`corenet_udp_bind_$1_port',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type $1_port_t;
|
type $1_port_t;
|
||||||
class udp_socket name_bind;
|
class udp_socket name_bind;
|
||||||
|
@ -36,7 +36,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_node',`
|
interface(`dev_node',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute device_node;
|
attribute device_node;
|
||||||
')
|
')
|
||||||
@ -60,7 +60,7 @@ define(`dev_node',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_relabel_all_dev_nodes',`
|
interface(`dev_relabel_all_dev_nodes',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute device_node;
|
attribute device_node;
|
||||||
type device_t;
|
type device_t;
|
||||||
@ -92,7 +92,7 @@ define(`dev_relabel_all_dev_nodes',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_list_all_dev_nodes',`
|
interface(`dev_list_all_dev_nodes',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -113,7 +113,7 @@ define(`dev_list_all_dev_nodes',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_dontaudit_list_all_dev_nodes',`
|
interface(`dev_dontaudit_list_all_dev_nodes',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -132,7 +132,7 @@ define(`dev_dontaudit_list_all_dev_nodes',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_create_dir',`
|
interface(`dev_create_dir',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class dir { ra_dir_perms create };
|
class dir { ra_dir_perms create };
|
||||||
@ -151,7 +151,7 @@ define(`dev_create_dir',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_relabel_dev_dirs',`
|
interface(`dev_relabel_dev_dirs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class dir { r_dir_perms relabelfrom relabelto };
|
class dir { r_dir_perms relabelfrom relabelto };
|
||||||
@ -170,7 +170,7 @@ define(`dev_relabel_dev_dirs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_dontaudit_getattr_generic_pipe',`
|
interface(`dev_dontaudit_getattr_generic_pipe',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class fifo_file getattr;
|
class fifo_file getattr;
|
||||||
@ -189,7 +189,7 @@ define(`dev_dontaudit_getattr_generic_pipe',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_getattr_generic_blk_file',`
|
interface(`dev_getattr_generic_blk_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -210,7 +210,7 @@ define(`dev_getattr_generic_blk_file',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_dontaudit_getattr_generic_blk_file',`
|
interface(`dev_dontaudit_getattr_generic_blk_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class blk_file getattr;
|
class blk_file getattr;
|
||||||
@ -229,7 +229,7 @@ define(`dev_dontaudit_getattr_generic_blk_file',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_dontaudit_setattr_generic_blk_file',`
|
interface(`dev_dontaudit_setattr_generic_blk_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class blk_file setattr;
|
class blk_file setattr;
|
||||||
@ -249,7 +249,7 @@ define(`dev_dontaudit_setattr_generic_blk_file',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_manage_generic_blk_file',`
|
interface(`dev_manage_generic_blk_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class blk_file create_file_perms;
|
class blk_file create_file_perms;
|
||||||
@ -269,7 +269,7 @@ define(`dev_manage_generic_blk_file',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_create_generic_chr_file',`
|
interface(`dev_create_generic_chr_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class dir ra_dir_perms;
|
class dir ra_dir_perms;
|
||||||
@ -293,7 +293,7 @@ define(`dev_create_generic_chr_file',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_getattr_generic_chr_file',`
|
interface(`dev_getattr_generic_chr_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -314,7 +314,7 @@ define(`dev_getattr_generic_chr_file',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_dontaudit_getattr_generic_chr_file',`
|
interface(`dev_dontaudit_getattr_generic_chr_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class chr_file getattr;
|
class chr_file getattr;
|
||||||
@ -333,7 +333,7 @@ define(`dev_dontaudit_getattr_generic_chr_file',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_dontaudit_setattr_generic_chr_file',`
|
interface(`dev_dontaudit_setattr_generic_chr_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class chr_file setattr;
|
class chr_file setattr;
|
||||||
@ -352,7 +352,7 @@ define(`dev_dontaudit_setattr_generic_chr_file',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_del_generic_symlinks',`
|
interface(`dev_del_generic_symlinks',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class dir { getattr read write remove_name };
|
class dir { getattr read write remove_name };
|
||||||
@ -373,7 +373,7 @@ define(`dev_del_generic_symlinks',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_manage_generic_symlinks',`
|
interface(`dev_manage_generic_symlinks',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class dir { create read getattr lock setattr ioctl link unlink rename search add_name remove_name reparent write rmdir relabelfrom relabelto };
|
class dir { create read getattr lock setattr ioctl link unlink rename search add_name remove_name reparent write rmdir relabelfrom relabelto };
|
||||||
@ -394,7 +394,7 @@ define(`dev_manage_generic_symlinks',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_manage_dev_nodes',`
|
interface(`dev_manage_dev_nodes',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute device_node, memory_raw_read, memory_raw_write;
|
attribute device_node, memory_raw_read, memory_raw_write;
|
||||||
type device_t;
|
type device_t;
|
||||||
@ -432,7 +432,7 @@ define(`dev_manage_dev_nodes',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_dontaudit_rw_generic_dev_nodes',`
|
interface(`dev_dontaudit_rw_generic_dev_nodes',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class chr_file { getattr read write ioctl };
|
class chr_file { getattr read write ioctl };
|
||||||
@ -452,7 +452,7 @@ define(`dev_dontaudit_rw_generic_dev_nodes',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_manage_generic_blk_file',`
|
interface(`dev_manage_generic_blk_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -473,7 +473,7 @@ define(`dev_manage_generic_blk_file',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_manage_generic_chr_file',`
|
interface(`dev_manage_generic_chr_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -502,7 +502,7 @@ define(`dev_manage_generic_chr_file',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_create_dev_node',`
|
interface(`dev_create_dev_node',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t;
|
type device_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -526,7 +526,7 @@ define(`dev_create_dev_node',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_getattr_all_blk_files',`
|
interface(`dev_getattr_all_blk_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute device_node;
|
attribute device_node;
|
||||||
class blk_file getattr;
|
class blk_file getattr;
|
||||||
@ -547,7 +547,7 @@ define(`dev_getattr_all_blk_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_dontaudit_getattr_all_blk_files',`
|
interface(`dev_dontaudit_getattr_all_blk_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute device_node;
|
attribute device_node;
|
||||||
class blk_file getattr;
|
class blk_file getattr;
|
||||||
@ -566,7 +566,7 @@ define(`dev_dontaudit_getattr_all_blk_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_getattr_all_chr_files',`
|
interface(`dev_getattr_all_chr_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute device_node;
|
attribute device_node;
|
||||||
class chr_file getattr;
|
class chr_file getattr;
|
||||||
@ -587,7 +587,7 @@ define(`dev_getattr_all_chr_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_dontaudit_getattr_all_chr_files',`
|
interface(`dev_dontaudit_getattr_all_chr_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute device_node;
|
attribute device_node;
|
||||||
class chr_file getattr;
|
class chr_file getattr;
|
||||||
@ -606,7 +606,7 @@ define(`dev_dontaudit_getattr_all_chr_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_setattr_all_blk_files',`
|
interface(`dev_setattr_all_blk_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute device_node;
|
attribute device_node;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -627,7 +627,7 @@ define(`dev_setattr_all_blk_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_setattr_all_chr_files',`
|
interface(`dev_setattr_all_chr_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute device_node;
|
attribute device_node;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -648,7 +648,7 @@ define(`dev_setattr_all_chr_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_manage_all_blk_files',`
|
interface(`dev_manage_all_blk_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute device_node;
|
attribute device_node;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -675,7 +675,7 @@ define(`dev_manage_all_blk_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_manage_all_chr_files',`
|
interface(`dev_manage_all_chr_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute device_node, memory_raw_read, memory_raw_write;
|
attribute device_node, memory_raw_read, memory_raw_write;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -698,7 +698,7 @@ define(`dev_manage_all_chr_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_read_raw_memory',`
|
interface(`dev_read_raw_memory',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, memory_device_t;
|
type device_t, memory_device_t;
|
||||||
attribute memory_raw_read;
|
attribute memory_raw_read;
|
||||||
@ -724,7 +724,7 @@ define(`dev_read_raw_memory',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_write_raw_memory',`
|
interface(`dev_write_raw_memory',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, memory_device_t;
|
type device_t, memory_device_t;
|
||||||
attribute memory_raw_write;
|
attribute memory_raw_write;
|
||||||
@ -750,7 +750,7 @@ define(`dev_write_raw_memory',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_rx_raw_memory',`
|
interface(`dev_rx_raw_memory',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, memory_device_t;
|
type device_t, memory_device_t;
|
||||||
class chr_file execute;
|
class chr_file execute;
|
||||||
@ -770,7 +770,7 @@ define(`dev_rx_raw_memory',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_wx_raw_memory',`
|
interface(`dev_wx_raw_memory',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, memory_device_t;
|
type device_t, memory_device_t;
|
||||||
class chr_file execute;
|
class chr_file execute;
|
||||||
@ -790,7 +790,7 @@ define(`dev_wx_raw_memory',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_read_rand',`
|
interface(`dev_read_rand',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, random_device_t;
|
type device_t, random_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -811,7 +811,7 @@ define(`dev_read_rand',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_read_urand',`
|
interface(`dev_read_urand',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, urandom_device_t;
|
type device_t, urandom_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -834,7 +834,7 @@ define(`dev_read_urand',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_write_rand',`
|
interface(`dev_write_rand',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, random_device_t;
|
type device_t, random_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -856,7 +856,7 @@ define(`dev_write_rand',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_write_urand',`
|
interface(`dev_write_urand',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, urandom_device_t;
|
type device_t, urandom_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -877,7 +877,7 @@ define(`dev_write_urand',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_rw_null_dev',`
|
interface(`dev_rw_null_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, null_device_t;
|
type device_t, null_device_t;
|
||||||
class device_t:dir r_dir_perms;
|
class device_t:dir r_dir_perms;
|
||||||
@ -898,7 +898,7 @@ define(`dev_rw_null_dev',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_rw_zero_dev',`
|
interface(`dev_rw_zero_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, zero_device_t;
|
type device_t, zero_device_t;
|
||||||
class device_t:dir r_dir_perms;
|
class device_t:dir r_dir_perms;
|
||||||
@ -919,7 +919,7 @@ define(`dev_rw_zero_dev',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_rwx_zero_dev',`
|
interface(`dev_rwx_zero_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type zero_device_t;
|
type zero_device_t;
|
||||||
class chr_file execute;
|
class chr_file execute;
|
||||||
@ -939,7 +939,7 @@ define(`dev_rwx_zero_dev',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_read_realtime_clock',`
|
interface(`dev_read_realtime_clock',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, clock_device_t;
|
type device_t, clock_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -960,7 +960,7 @@ define(`dev_read_realtime_clock',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_write_realtime_clock',`
|
interface(`dev_write_realtime_clock',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, clock_device_t;
|
type device_t, clock_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -981,7 +981,7 @@ define(`dev_write_realtime_clock',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_rw_realtime_clock',`
|
interface(`dev_rw_realtime_clock',`
|
||||||
dev_read_realtime_clock($1)
|
dev_read_realtime_clock($1)
|
||||||
dev_write_realtime_clock($1)
|
dev_write_realtime_clock($1)
|
||||||
')
|
')
|
||||||
@ -996,7 +996,7 @@ define(`dev_rw_realtime_clock',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_getattr_snd_dev',`
|
interface(`dev_getattr_snd_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, sound_device_t;
|
type device_t, sound_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1017,7 +1017,7 @@ define(`dev_getattr_snd_dev',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_setattr_snd_dev',`
|
interface(`dev_setattr_snd_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, sound_device_t;
|
type device_t, sound_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1038,7 +1038,7 @@ define(`dev_setattr_snd_dev',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_read_snd_dev',`
|
interface(`dev_read_snd_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, sound_device_t;
|
type device_t, sound_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1059,7 +1059,7 @@ define(`dev_read_snd_dev',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_write_snd_dev',`
|
interface(`dev_write_snd_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, sound_device_t;
|
type device_t, sound_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1080,7 +1080,7 @@ define(`dev_write_snd_dev',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_read_snd_mixer_dev',`
|
interface(`dev_read_snd_mixer_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, sound_device_t;
|
type device_t, sound_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1101,7 +1101,7 @@ define(`dev_read_snd_mixer_dev',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_write_snd_mixer_dev',`
|
interface(`dev_write_snd_mixer_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, sound_device_t;
|
type device_t, sound_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1122,7 +1122,7 @@ define(`dev_write_snd_mixer_dev',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_rw_agp_dev',`
|
interface(`dev_rw_agp_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, agp_device_t;
|
type device_t, agp_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1143,7 +1143,7 @@ define(`dev_rw_agp_dev',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_getattr_agp_dev',`
|
interface(`dev_getattr_agp_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, dri_device_t;
|
type device_t, dri_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1164,7 +1164,7 @@ define(`dev_getattr_agp_dev',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_rw_dri_dev',`
|
interface(`dev_rw_dri_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, dri_device_t;
|
type device_t, dri_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1185,7 +1185,7 @@ define(`dev_rw_dri_dev',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_dontaudit_rw_dri_dev',`
|
interface(`dev_dontaudit_rw_dri_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type dri_device_t;
|
type dri_device_t;
|
||||||
class chr_file { getattr read write ioctl };
|
class chr_file { getattr read write ioctl };
|
||||||
@ -1204,7 +1204,7 @@ define(`dev_dontaudit_rw_dri_dev',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_read_mtrr',`
|
interface(`dev_read_mtrr',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, mtrr_device_t;
|
type device_t, mtrr_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1225,7 +1225,7 @@ define(`dev_read_mtrr',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_write_mtrr',`
|
interface(`dev_write_mtrr',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, mtrr_device_t;
|
type device_t, mtrr_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1246,7 +1246,7 @@ define(`dev_write_mtrr',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_getattr_framebuffer',`
|
interface(`dev_getattr_framebuffer',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type framebuf_device_t;
|
type framebuf_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1267,7 +1267,7 @@ define(`dev_getattr_framebuffer',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_setattr_framebuffer',`
|
interface(`dev_setattr_framebuffer',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type framebuf_device_t;
|
type framebuf_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1288,7 +1288,7 @@ define(`dev_setattr_framebuffer',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_read_framebuffer',`
|
interface(`dev_read_framebuffer',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type framebuf_device_t;
|
type framebuf_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1309,7 +1309,7 @@ define(`dev_read_framebuffer',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_write_framebuffer',`
|
interface(`dev_write_framebuffer',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, framebuf_device_t;
|
type device_t, framebuf_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1330,7 +1330,7 @@ define(`dev_write_framebuffer',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_read_lvm_control',`
|
interface(`dev_read_lvm_control',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, lvm_control_t;
|
type device_t, lvm_control_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1351,7 +1351,7 @@ define(`dev_read_lvm_control',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_rw_lvm_control',`
|
interface(`dev_rw_lvm_control',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, lvm_control_t;
|
type device_t, lvm_control_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1372,7 +1372,7 @@ define(`dev_rw_lvm_control',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_delete_lvm_control',`
|
interface(`dev_delete_lvm_control',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, lvm_control_t;
|
type device_t, lvm_control_t;
|
||||||
class dir { getattr search read write remove_name };
|
class dir { getattr search read write remove_name };
|
||||||
@ -1393,7 +1393,7 @@ define(`dev_delete_lvm_control',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_getattr_misc',`
|
interface(`dev_getattr_misc',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, misc_device_t;
|
type device_t, misc_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1415,7 +1415,7 @@ define(`dev_getattr_misc',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_dontaudit_getattr_misc',`
|
interface(`dev_dontaudit_getattr_misc',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type misc_device_t;
|
type misc_device_t;
|
||||||
class chr_file getattr;
|
class chr_file getattr;
|
||||||
@ -1434,7 +1434,7 @@ define(`dev_dontaudit_getattr_misc',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_setattr_misc',`
|
interface(`dev_setattr_misc',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, misc_device_t;
|
type device_t, misc_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1456,7 +1456,7 @@ define(`dev_setattr_misc',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_dontaudit_setattr_misc',`
|
interface(`dev_dontaudit_setattr_misc',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type misc_device_t;
|
type misc_device_t;
|
||||||
class chr_file setattr;
|
class chr_file setattr;
|
||||||
@ -1475,7 +1475,7 @@ define(`dev_dontaudit_setattr_misc',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_read_misc',`
|
interface(`dev_read_misc',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, misc_device_t;
|
type device_t, misc_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1496,7 +1496,7 @@ define(`dev_read_misc',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_write_misc',`
|
interface(`dev_write_misc',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, misc_device_t;
|
type device_t, misc_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1517,7 +1517,7 @@ define(`dev_write_misc',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_getattr_mouse',`
|
interface(`dev_getattr_mouse',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, mouse_device_t;
|
type device_t, mouse_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1538,7 +1538,7 @@ define(`dev_getattr_mouse',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_setattr_mouse',`
|
interface(`dev_setattr_mouse',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, mouse_device_t;
|
type device_t, mouse_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1559,7 +1559,7 @@ define(`dev_setattr_mouse',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_read_mouse',`
|
interface(`dev_read_mouse',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, mouse_device_t;
|
type device_t, mouse_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1580,7 +1580,7 @@ define(`dev_read_mouse',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_read_input',`
|
interface(`dev_read_input',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, event_device_t;
|
type device_t, event_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1601,7 +1601,7 @@ define(`dev_read_input',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_read_cpuid',`
|
interface(`dev_read_cpuid',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, cpu_device_t;
|
type device_t, cpu_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1623,7 +1623,7 @@ define(`dev_read_cpuid',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_rw_cpu_microcode',`
|
interface(`dev_rw_cpu_microcode',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, cpu_device_t;
|
type device_t, cpu_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1644,7 +1644,7 @@ define(`dev_rw_cpu_microcode',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_getattr_scanner',`
|
interface(`dev_getattr_scanner',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, scanner_device_t;
|
type device_t, scanner_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1666,7 +1666,7 @@ define(`dev_getattr_scanner',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_dontaudit_getattr_scanner',`
|
interface(`dev_dontaudit_getattr_scanner',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type scanner_device_t;
|
type scanner_device_t;
|
||||||
class chr_file getattr;
|
class chr_file getattr;
|
||||||
@ -1685,7 +1685,7 @@ define(`dev_dontaudit_getattr_scanner',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_setattr_scanner',`
|
interface(`dev_setattr_scanner',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, scanner_device_t;
|
type device_t, scanner_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1707,7 +1707,7 @@ define(`dev_setattr_scanner',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_dontaudit_setattr_scanner',`
|
interface(`dev_dontaudit_setattr_scanner',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type scanner_device_t;
|
type scanner_device_t;
|
||||||
class chr_file getattr;
|
class chr_file getattr;
|
||||||
@ -1726,7 +1726,7 @@ define(`dev_dontaudit_setattr_scanner',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_rw_scanner',`
|
interface(`dev_rw_scanner',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, scanner_device_t;
|
type device_t, scanner_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1747,7 +1747,7 @@ define(`dev_rw_scanner',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_getattr_power_management',`
|
interface(`dev_getattr_power_management',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, power_device_t;
|
type device_t, power_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1768,7 +1768,7 @@ define(`dev_getattr_power_management',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_setattr_power_management',`
|
interface(`dev_setattr_power_management',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, power_device_t;
|
type device_t, power_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1789,7 +1789,7 @@ define(`dev_setattr_power_management',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_rw_power_management',`
|
interface(`dev_rw_power_management',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, power_device_t;
|
type device_t, power_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1810,7 +1810,7 @@ define(`dev_rw_power_management',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_getattr_sysfs_dir',`
|
interface(`dev_getattr_sysfs_dir',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type sysfs_t;
|
type sysfs_t;
|
||||||
class dir getattr;
|
class dir getattr;
|
||||||
@ -1829,7 +1829,7 @@ define(`dev_getattr_sysfs_dir',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_search_sysfs',`
|
interface(`dev_search_sysfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type sysfs_t;
|
type sysfs_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -1848,7 +1848,7 @@ define(`dev_search_sysfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_read_sysfs',`
|
interface(`dev_read_sysfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type sysfs_t;
|
type sysfs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1870,7 +1870,7 @@ define(`dev_read_sysfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_rw_sysfs',`
|
interface(`dev_rw_sysfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type sysfs_t;
|
type sysfs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1893,7 +1893,7 @@ define(`dev_rw_sysfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_search_usbfs',`
|
interface(`dev_search_usbfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type usbfs_t;
|
type usbfs_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -1912,7 +1912,7 @@ define(`dev_search_usbfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_list_usbfs',`
|
interface(`dev_list_usbfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type usbfs_t;
|
type usbfs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1936,7 +1936,7 @@ define(`dev_list_usbfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_read_usbfs',`
|
interface(`dev_read_usbfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type usbfs_t;
|
type usbfs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1958,7 +1958,7 @@ define(`dev_read_usbfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_rw_usbfs',`
|
interface(`dev_rw_usbfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type usbfs_t;
|
type usbfs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1981,7 +1981,7 @@ define(`dev_rw_usbfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_getattr_video_dev',`
|
interface(`dev_getattr_video_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, v4l_device_t;
|
type device_t, v4l_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -2002,7 +2002,7 @@ define(`dev_getattr_video_dev',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`dev_setattr_video_dev',`
|
interface(`dev_setattr_video_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type device_t, v4l_device_t;
|
type device_t, v4l_device_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_make_fs',`
|
interface(`fs_make_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute fs_type;
|
attribute fs_type;
|
||||||
')
|
')
|
||||||
@ -31,7 +31,7 @@ define(`fs_make_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_make_noxattr_fs',`
|
interface(`fs_make_noxattr_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute noxattrfs;
|
attribute noxattrfs;
|
||||||
')
|
')
|
||||||
@ -54,7 +54,7 @@ define(`fs_make_noxattr_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_associate',`
|
interface(`fs_associate',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type fs_t;
|
type fs_t;
|
||||||
class filesystem associate;
|
class filesystem associate;
|
||||||
@ -77,7 +77,7 @@ define(`fs_associate',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_associate_noxattr',`
|
interface(`fs_associate_noxattr',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute noxattrfs;
|
attribute noxattrfs;
|
||||||
class filesystem associate;
|
class filesystem associate;
|
||||||
@ -98,7 +98,7 @@ define(`fs_associate_noxattr',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_mount_xattr_fs',`
|
interface(`fs_mount_xattr_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type fs_t;
|
type fs_t;
|
||||||
class filesystem mount;
|
class filesystem mount;
|
||||||
@ -120,7 +120,7 @@ define(`fs_mount_xattr_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_remount_xattr_fs',`
|
interface(`fs_remount_xattr_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type fs_t;
|
type fs_t;
|
||||||
class filesystem remount;
|
class filesystem remount;
|
||||||
@ -141,7 +141,7 @@ define(`fs_remount_xattr_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_unmount_xattr_fs',`
|
interface(`fs_unmount_xattr_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type fs_t;
|
type fs_t;
|
||||||
class filesystem unmount;
|
class filesystem unmount;
|
||||||
@ -163,7 +163,7 @@ define(`fs_unmount_xattr_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_getattr_xattr_fs',`
|
interface(`fs_getattr_xattr_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type fs_t;
|
type fs_t;
|
||||||
class filesystem getattr;
|
class filesystem getattr;
|
||||||
@ -185,7 +185,7 @@ define(`fs_getattr_xattr_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_dontaudit_getattr_xattr_fs',`
|
interface(`fs_dontaudit_getattr_xattr_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type fs_t;
|
type fs_t;
|
||||||
class filesystem getattr;
|
class filesystem getattr;
|
||||||
@ -206,7 +206,7 @@ define(`fs_dontaudit_getattr_xattr_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_relabelfrom_xattr_fs',`
|
interface(`fs_relabelfrom_xattr_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type fs_t;
|
type fs_t;
|
||||||
class filesystem relabelfrom;
|
class filesystem relabelfrom;
|
||||||
@ -225,7 +225,7 @@ define(`fs_relabelfrom_xattr_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_mount_autofs',`
|
interface(`fs_mount_autofs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type autofs_t;
|
type autofs_t;
|
||||||
class filesystem mount;
|
class filesystem mount;
|
||||||
@ -246,7 +246,7 @@ define(`fs_mount_autofs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_remount_autofs',`
|
interface(`fs_remount_autofs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type autofs_t;
|
type autofs_t;
|
||||||
class filesystem remount;
|
class filesystem remount;
|
||||||
@ -265,7 +265,7 @@ define(`fs_remount_autofs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_unmount_autofs',`
|
interface(`fs_unmount_autofs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type autofs_t;
|
type autofs_t;
|
||||||
class filesystem unmount;
|
class filesystem unmount;
|
||||||
@ -286,7 +286,7 @@ define(`fs_unmount_autofs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_getattr_autofs',`
|
interface(`fs_getattr_autofs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type autofs_t;
|
type autofs_t;
|
||||||
class filesystem getattr;
|
class filesystem getattr;
|
||||||
@ -312,7 +312,7 @@ define(`fs_getattr_autofs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_register_binary_executable_type',`
|
interface(`fs_register_binary_executable_type',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type binfmt_misc_fs_t;
|
type binfmt_misc_fs_t;
|
||||||
class dir { getattr search };
|
class dir { getattr search };
|
||||||
@ -333,7 +333,7 @@ define(`fs_register_binary_executable_type',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_mount_cifs',`
|
interface(`fs_mount_cifs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type cifs_t;
|
type cifs_t;
|
||||||
class filesystem mount;
|
class filesystem mount;
|
||||||
@ -353,7 +353,7 @@ define(`fs_mount_cifs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_remount_cifs',`
|
interface(`fs_remount_cifs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type cifs_t;
|
type cifs_t;
|
||||||
class filesystem remount;
|
class filesystem remount;
|
||||||
@ -372,7 +372,7 @@ define(`fs_remount_cifs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_unmount_cifs',`
|
interface(`fs_unmount_cifs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type cifs_t;
|
type cifs_t;
|
||||||
class filesystem unmount;
|
class filesystem unmount;
|
||||||
@ -393,7 +393,7 @@ define(`fs_unmount_cifs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_getattr_cifs',`
|
interface(`fs_getattr_cifs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type cifs_t;
|
type cifs_t;
|
||||||
class filesystem getattr;
|
class filesystem getattr;
|
||||||
@ -412,7 +412,7 @@ define(`fs_getattr_cifs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_read_cifs_files',`
|
interface(`fs_read_cifs_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type cifs_t;
|
type cifs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -434,7 +434,7 @@ define(`fs_read_cifs_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_dontaudit_rw_cifs_files',`
|
interface(`fs_dontaudit_rw_cifs_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type cifs_t;
|
type cifs_t;
|
||||||
class file { read write };
|
class file { read write };
|
||||||
@ -453,7 +453,7 @@ define(`fs_dontaudit_rw_cifs_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_read_cifs_symlinks',`
|
interface(`fs_read_cifs_symlinks',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type cifs_t;
|
type cifs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -476,7 +476,7 @@ define(`fs_read_cifs_symlinks',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_execute_cifs_files',`
|
interface(`fs_execute_cifs_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type cifs_t;
|
type cifs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -497,7 +497,7 @@ define(`fs_execute_cifs_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_read_cifs_files',`
|
interface(`fs_read_cifs_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type cifs_t;
|
type cifs_t;
|
||||||
class file { read write };
|
class file { read write };
|
||||||
@ -517,7 +517,7 @@ define(`fs_read_cifs_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_manage_cifs_dirs',`
|
interface(`fs_manage_cifs_dirs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type cifs_t;
|
type cifs_t;
|
||||||
class dir create_dir_perms;
|
class dir create_dir_perms;
|
||||||
@ -537,7 +537,7 @@ define(`fs_manage_cifs_dirs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_manage_cifs_files',`
|
interface(`fs_manage_cifs_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type cifs_t;
|
type cifs_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -559,7 +559,7 @@ define(`fs_manage_cifs_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_manage_cifs_symlinks',`
|
interface(`fs_manage_cifs_symlinks',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type cifs_t;
|
type cifs_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -581,7 +581,7 @@ define(`fs_manage_cifs_symlinks',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_manage_cifs_named_pipes',`
|
interface(`fs_manage_cifs_named_pipes',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type cifs_t;
|
type cifs_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -603,7 +603,7 @@ define(`fs_manage_cifs_named_pipes',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_manage_cifs_named_sockets',`
|
interface(`fs_manage_cifs_named_sockets',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type cifs_t;
|
type cifs_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -625,7 +625,7 @@ define(`fs_manage_cifs_named_sockets',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_mount_dos_fs',`
|
interface(`fs_mount_dos_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type dosfs_t;
|
type dosfs_t;
|
||||||
class filesystem mount;
|
class filesystem mount;
|
||||||
@ -646,7 +646,7 @@ define(`fs_mount_dos_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_remount_dos_fs',`
|
interface(`fs_remount_dos_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type dosfs_t;
|
type dosfs_t;
|
||||||
class filesystem remount;
|
class filesystem remount;
|
||||||
@ -666,7 +666,7 @@ define(`fs_remount_dos_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_unmount_dos_fs',`
|
interface(`fs_unmount_dos_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type dosfs_t;
|
type dosfs_t;
|
||||||
class filesystem unmount;
|
class filesystem unmount;
|
||||||
@ -687,7 +687,7 @@ define(`fs_unmount_dos_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_getattr_dos_fs',`
|
interface(`fs_getattr_dos_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type dosfs_t;
|
type dosfs_t;
|
||||||
class filesystem getattr;
|
class filesystem getattr;
|
||||||
@ -707,7 +707,7 @@ define(`fs_getattr_dos_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_relabelfrom_dos_fs',`
|
interface(`fs_relabelfrom_dos_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type dosfs_t;
|
type dosfs_t;
|
||||||
class filesystem relabelfrom;
|
class filesystem relabelfrom;
|
||||||
@ -727,7 +727,7 @@ define(`fs_relabelfrom_dos_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_mount_iso9660_fs',`
|
interface(`fs_mount_iso9660_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type iso9660_t;
|
type iso9660_t;
|
||||||
class filesystem mount;
|
class filesystem mount;
|
||||||
@ -748,7 +748,7 @@ define(`fs_mount_iso9660_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_remount_iso9660_fs',`
|
interface(`fs_remount_iso9660_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type iso9660_t;
|
type iso9660_t;
|
||||||
class filesystem remount;
|
class filesystem remount;
|
||||||
@ -768,7 +768,7 @@ define(`fs_remount_iso9660_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_unmount_iso9660_fs',`
|
interface(`fs_unmount_iso9660_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type iso9660_t;
|
type iso9660_t;
|
||||||
class filesystem unmount;
|
class filesystem unmount;
|
||||||
@ -789,7 +789,7 @@ define(`fs_unmount_iso9660_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_getattr_iso9660_fs',`
|
interface(`fs_getattr_iso9660_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type iso9660_t;
|
type iso9660_t;
|
||||||
class filesystem getattr;
|
class filesystem getattr;
|
||||||
@ -808,7 +808,7 @@ define(`fs_getattr_iso9660_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_mount_nfs',`
|
interface(`fs_mount_nfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfs_t;
|
type nfs_t;
|
||||||
class filesystem mount;
|
class filesystem mount;
|
||||||
@ -828,7 +828,7 @@ define(`fs_mount_nfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_remount_nfs',`
|
interface(`fs_remount_nfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfs_t;
|
type nfs_t;
|
||||||
class filesystem remount;
|
class filesystem remount;
|
||||||
@ -847,7 +847,7 @@ define(`fs_remount_nfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_unmount_nfs',`
|
interface(`fs_unmount_nfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfs_t;
|
type nfs_t;
|
||||||
class filesystem unmount;
|
class filesystem unmount;
|
||||||
@ -867,7 +867,7 @@ define(`fs_unmount_nfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_getattr_nfs',`
|
interface(`fs_getattr_nfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfs_t;
|
type nfs_t;
|
||||||
class filesystem getattr;
|
class filesystem getattr;
|
||||||
@ -886,7 +886,7 @@ define(`fs_getattr_nfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_read_nfs_files',`
|
interface(`fs_read_nfs_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfs_t;
|
type nfs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -907,7 +907,7 @@ define(`fs_read_nfs_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_execute_nfs_files',`
|
interface(`fs_execute_nfs_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfs_t;
|
type nfs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -928,7 +928,7 @@ define(`fs_execute_nfs_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_dontaudit_rw_nfs_files',`
|
interface(`fs_dontaudit_rw_nfs_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfs_t;
|
type nfs_t;
|
||||||
class file { read write };
|
class file { read write };
|
||||||
@ -947,7 +947,7 @@ define(`fs_dontaudit_rw_nfs_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_read_nfs_symlinks',`
|
interface(`fs_read_nfs_symlinks',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfs_t;
|
type nfs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -969,7 +969,7 @@ define(`fs_read_nfs_symlinks',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_manage_nfs_dirs',`
|
interface(`fs_manage_nfs_dirs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfs_t;
|
type nfs_t;
|
||||||
class dir create_dir_perms;
|
class dir create_dir_perms;
|
||||||
@ -989,7 +989,7 @@ define(`fs_manage_nfs_dirs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_manage_nfs_files',`
|
interface(`fs_manage_nfs_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfs_t;
|
type nfs_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -1011,7 +1011,7 @@ define(`fs_manage_nfs_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_manage_nfs_symlinks',`
|
interface(`fs_manage_nfs_symlinks',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfs_t;
|
type nfs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1033,7 +1033,7 @@ define(`fs_manage_nfs_symlinks',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_manage_nfs_named_pipes',`
|
interface(`fs_manage_nfs_named_pipes',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfs_t;
|
type nfs_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -1055,7 +1055,7 @@ define(`fs_manage_nfs_named_pipes',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_manage_nfs_named_sockets',`
|
interface(`fs_manage_nfs_named_sockets',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfs_t;
|
type nfs_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -1076,7 +1076,7 @@ define(`fs_manage_nfs_named_sockets',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_mount_nfsd_fs',`
|
interface(`fs_mount_nfsd_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfsd_fs_t;
|
type nfsd_fs_t;
|
||||||
class filesystem mount;
|
class filesystem mount;
|
||||||
@ -1096,7 +1096,7 @@ define(`fs_mount_nfsd_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_remount_nfsd_fs',`
|
interface(`fs_remount_nfsd_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfsd_fs_t;
|
type nfsd_fs_t;
|
||||||
class filesystem remount;
|
class filesystem remount;
|
||||||
@ -1115,7 +1115,7 @@ define(`fs_remount_nfsd_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_unmount_nfsd_fs',`
|
interface(`fs_unmount_nfsd_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfsd_fs_t;
|
type nfsd_fs_t;
|
||||||
class filesystem unmount;
|
class filesystem unmount;
|
||||||
@ -1136,7 +1136,7 @@ define(`fs_unmount_nfsd_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_getattr_nfsd_fs',`
|
interface(`fs_getattr_nfsd_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type nfsd_fs_t;
|
type nfsd_fs_t;
|
||||||
class filesystem getattr;
|
class filesystem getattr;
|
||||||
@ -1155,7 +1155,7 @@ define(`fs_getattr_nfsd_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_mount_ramfs',`
|
interface(`fs_mount_ramfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type ramfs_t;
|
type ramfs_t;
|
||||||
class filesystem mount;
|
class filesystem mount;
|
||||||
@ -1175,7 +1175,7 @@ define(`fs_mount_ramfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_remount_ramfs',`
|
interface(`fs_remount_ramfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type ramfs_t;
|
type ramfs_t;
|
||||||
class filesystem remount;
|
class filesystem remount;
|
||||||
@ -1194,7 +1194,7 @@ define(`fs_remount_ramfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_unmount_ramfs',`
|
interface(`fs_unmount_ramfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type ramfs_t;
|
type ramfs_t;
|
||||||
class filesystem unmount;
|
class filesystem unmount;
|
||||||
@ -1214,7 +1214,7 @@ define(`fs_unmount_ramfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_getattr_ramfs',`
|
interface(`fs_getattr_ramfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type ramfs_t;
|
type ramfs_t;
|
||||||
class filesystem getattr;
|
class filesystem getattr;
|
||||||
@ -1233,7 +1233,7 @@ define(`fs_getattr_ramfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_mount_romfs',`
|
interface(`fs_mount_romfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type romfs_t;
|
type romfs_t;
|
||||||
class filesystem mount;
|
class filesystem mount;
|
||||||
@ -1253,7 +1253,7 @@ define(`fs_mount_romfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_remount_romfs',`
|
interface(`fs_remount_romfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type romfs_t;
|
type romfs_t;
|
||||||
class filesystem remount;
|
class filesystem remount;
|
||||||
@ -1272,7 +1272,7 @@ define(`fs_remount_romfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_unmount_romfs',`
|
interface(`fs_unmount_romfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type romfs_t;
|
type romfs_t;
|
||||||
class filesystem unmount;
|
class filesystem unmount;
|
||||||
@ -1293,7 +1293,7 @@ define(`fs_unmount_romfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_getattr_romfs',`
|
interface(`fs_getattr_romfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type romfs_t;
|
type romfs_t;
|
||||||
class filesystem getattr;
|
class filesystem getattr;
|
||||||
@ -1312,7 +1312,7 @@ define(`fs_getattr_romfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_mount_rpc_pipefs',`
|
interface(`fs_mount_rpc_pipefs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type rpc_pipefs_t;
|
type rpc_pipefs_t;
|
||||||
class filesystem mount;
|
class filesystem mount;
|
||||||
@ -1332,7 +1332,7 @@ define(`fs_mount_rpc_pipefs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_remount_rpc_pipefs',`
|
interface(`fs_remount_rpc_pipefs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type rpc_pipefs_t;
|
type rpc_pipefs_t;
|
||||||
class filesystem remount;
|
class filesystem remount;
|
||||||
@ -1351,7 +1351,7 @@ define(`fs_remount_rpc_pipefs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_unmount_rpc_pipefs',`
|
interface(`fs_unmount_rpc_pipefs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type rpc_pipefs_t;
|
type rpc_pipefs_t;
|
||||||
class filesystem unmount;
|
class filesystem unmount;
|
||||||
@ -1372,7 +1372,7 @@ define(`fs_unmount_rpc_pipefs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_getattr_rpc_pipefs',`
|
interface(`fs_getattr_rpc_pipefs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type rpc_pipefs_t;
|
type rpc_pipefs_t;
|
||||||
class filesystem getattr;
|
class filesystem getattr;
|
||||||
@ -1391,7 +1391,7 @@ define(`fs_getattr_rpc_pipefs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_mount_tmpfs',`
|
interface(`fs_mount_tmpfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tmpfs_t;
|
type tmpfs_t;
|
||||||
class filesystem mount;
|
class filesystem mount;
|
||||||
@ -1410,7 +1410,7 @@ define(`fs_mount_tmpfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_remount_tmpfs',`
|
interface(`fs_remount_tmpfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tmpfs_t;
|
type tmpfs_t;
|
||||||
class filesystem remount;
|
class filesystem remount;
|
||||||
@ -1429,7 +1429,7 @@ define(`fs_remount_tmpfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_unmount_tmpfs',`
|
interface(`fs_unmount_tmpfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tmpfs_t;
|
type tmpfs_t;
|
||||||
class filesystem unmount;
|
class filesystem unmount;
|
||||||
@ -1450,7 +1450,7 @@ define(`fs_unmount_tmpfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_getattr_tmpfs',`
|
interface(`fs_getattr_tmpfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tmpfs_t;
|
type tmpfs_t;
|
||||||
class filesystem getattr;
|
class filesystem getattr;
|
||||||
@ -1469,7 +1469,7 @@ define(`fs_getattr_tmpfs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_associate_tmpfs',`
|
interface(`fs_associate_tmpfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tmpfs_t;
|
type tmpfs_t;
|
||||||
class filesystem associate;
|
class filesystem associate;
|
||||||
@ -1482,7 +1482,7 @@ define(`fs_associate_tmpfs',`
|
|||||||
#
|
#
|
||||||
# fs_create_tmpfs_data(domain,derivedtype,[class])
|
# fs_create_tmpfs_data(domain,derivedtype,[class])
|
||||||
#
|
#
|
||||||
define(`fs_create_tmpfs_data',`
|
interface(`fs_create_tmpfs_data',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tmpfs_t;
|
type tmpfs_t;
|
||||||
class filesystem associate;
|
class filesystem associate;
|
||||||
@ -1509,7 +1509,7 @@ define(`fs_create_tmpfs_data',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_use_tmpfs_character_devices',`
|
interface(`fs_use_tmpfs_character_devices',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tmpfs_t;
|
type tmpfs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1530,7 +1530,7 @@ define(`fs_use_tmpfs_character_devices',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_relabel_tmpfs_character_devices',`
|
interface(`fs_relabel_tmpfs_character_devices',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tmpfs_t;
|
type tmpfs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1551,7 +1551,7 @@ define(`fs_relabel_tmpfs_character_devices',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_use_tmpfs_block_devices',`
|
interface(`fs_use_tmpfs_block_devices',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tmpfs_t;
|
type tmpfs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1572,7 +1572,7 @@ define(`fs_use_tmpfs_block_devices',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_relabel_tmpfs_block_devices',`
|
interface(`fs_relabel_tmpfs_block_devices',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tmpfs_t;
|
type tmpfs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1594,7 +1594,7 @@ define(`fs_relabel_tmpfs_block_devices',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_manage_tmpfs_character_devices',`
|
interface(`fs_manage_tmpfs_character_devices',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tmpfs_t;
|
type tmpfs_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -1616,7 +1616,7 @@ define(`fs_manage_tmpfs_character_devices',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_manage_tmpfs_block_devices',`
|
interface(`fs_manage_tmpfs_block_devices',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tmpfs_t;
|
type tmpfs_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -1637,7 +1637,7 @@ define(`fs_manage_tmpfs_block_devices',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_mount_all_fs',`
|
interface(`fs_mount_all_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute fs_type;
|
attribute fs_type;
|
||||||
class filesystem mount;
|
class filesystem mount;
|
||||||
@ -1657,7 +1657,7 @@ define(`fs_mount_all_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_remount_all_fs',`
|
interface(`fs_remount_all_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute fs_type;
|
attribute fs_type;
|
||||||
class filesystem remount;
|
class filesystem remount;
|
||||||
@ -1676,7 +1676,7 @@ define(`fs_remount_all_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_unmount_all_fs',`
|
interface(`fs_unmount_all_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute fs_type;
|
attribute fs_type;
|
||||||
class filesystem unmount;
|
class filesystem unmount;
|
||||||
@ -1697,7 +1697,7 @@ define(`fs_unmount_all_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_getattr_all_fs',`
|
interface(`fs_getattr_all_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute fs_type;
|
attribute fs_type;
|
||||||
class filesystem getattr;
|
class filesystem getattr;
|
||||||
@ -1716,7 +1716,7 @@ define(`fs_getattr_all_fs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_get_all_fs_quotas',`
|
interface(`fs_get_all_fs_quotas',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute fs_type;
|
attribute fs_type;
|
||||||
class filesystem quotaget;
|
class filesystem quotaget;
|
||||||
@ -1735,7 +1735,7 @@ define(`fs_get_all_fs_quotas',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`fs_set_all_quotas',`
|
interface(`fs_set_all_quotas',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute fs_type;
|
attribute fs_type;
|
||||||
class filesystem quotamod;
|
class filesystem quotamod;
|
||||||
@ -1748,7 +1748,7 @@ define(`fs_set_all_quotas',`
|
|||||||
#
|
#
|
||||||
# fs_getattr_all_files(type)
|
# fs_getattr_all_files(type)
|
||||||
#
|
#
|
||||||
define(`fs_getattr_all_files',`
|
interface(`fs_getattr_all_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute fs_type;
|
attribute fs_type;
|
||||||
class dir { search getattr };
|
class dir { search getattr };
|
||||||
|
@ -18,7 +18,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_userland_entry',`
|
interface(`kernel_userland_entry',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type kernel_t;
|
type kernel_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -45,7 +45,7 @@ define(`kernel_userland_entry',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_rootfs_mountpoint',`
|
interface(`kernel_rootfs_mountpoint',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type kernel_t;
|
type kernel_t;
|
||||||
class dir mounton;
|
class dir mounton;
|
||||||
@ -64,7 +64,7 @@ define(`kernel_rootfs_mountpoint',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_sigchld',`
|
interface(`kernel_sigchld',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type kernel_t;
|
type kernel_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -84,7 +84,7 @@ define(`kernel_sigchld',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_share_state',`
|
interface(`kernel_share_state',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type kernel_t;
|
type kernel_t;
|
||||||
class process share;
|
class process share;
|
||||||
@ -103,7 +103,7 @@ define(`kernel_share_state',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_use_fd',`
|
interface(`kernel_use_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type kernel_t;
|
type kernel_t;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -123,7 +123,7 @@ define(`kernel_use_fd',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_dontaudit_use_fd',`
|
interface(`kernel_dontaudit_use_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type kernel_t;
|
type kernel_t;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -142,7 +142,7 @@ define(`kernel_dontaudit_use_fd',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_load_module',`
|
interface(`kernel_load_module',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute can_load_kernmodule;
|
attribute can_load_kernmodule;
|
||||||
class capability sys_module;
|
class capability sys_module;
|
||||||
@ -162,7 +162,7 @@ define(`kernel_load_module',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_read_ring_buffer',`
|
interface(`kernel_read_ring_buffer',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type kernel_t;
|
type kernel_t;
|
||||||
class system syslog_read;
|
class system syslog_read;
|
||||||
@ -181,7 +181,7 @@ define(`kernel_read_ring_buffer',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_dontaudit_read_ring_buffer',`
|
interface(`kernel_dontaudit_read_ring_buffer',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type kernel_t;
|
type kernel_t;
|
||||||
class system syslog_read;
|
class system syslog_read;
|
||||||
@ -200,7 +200,7 @@ define(`kernel_dontaudit_read_ring_buffer',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_change_ring_buffer_level',`
|
interface(`kernel_change_ring_buffer_level',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type kernel_t;
|
type kernel_t;
|
||||||
class system syslog_console;
|
class system syslog_console;
|
||||||
@ -219,7 +219,7 @@ define(`kernel_change_ring_buffer_level',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_clear_ring_buffer',`
|
interface(`kernel_clear_ring_buffer',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type kernel_t;
|
type kernel_t;
|
||||||
class system syslog_mod;
|
class system syslog_mod;
|
||||||
@ -238,7 +238,7 @@ define(`kernel_clear_ring_buffer',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_get_sysvipc_info',`
|
interface(`kernel_get_sysvipc_info',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type kernel_t;
|
type kernel_t;
|
||||||
class system ipc_info;
|
class system ipc_info;
|
||||||
@ -257,7 +257,7 @@ define(`kernel_get_sysvipc_info',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_read_system_state',`
|
interface(`kernel_read_system_state',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t;
|
type proc_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -281,7 +281,7 @@ define(`kernel_read_system_state',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_dontaudit_read_system_state',`
|
interface(`kernel_dontaudit_read_system_state',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t;
|
type proc_t;
|
||||||
class file read;
|
class file read;
|
||||||
@ -300,7 +300,7 @@ define(`kernel_dontaudit_read_system_state',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_read_software_raid_state',`
|
interface(`kernel_read_software_raid_state',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, proc_mdstat_t;
|
type proc_t, proc_mdstat_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -321,7 +321,7 @@ define(`kernel_read_software_raid_state',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_getattr_core',`
|
interface(`kernel_getattr_core',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, proc_kcore_t;
|
type proc_t, proc_kcore_t;
|
||||||
class dir { search getattr read };
|
class dir { search getattr read };
|
||||||
@ -343,7 +343,7 @@ define(`kernel_getattr_core',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_dontaudit_getattr_core',`
|
interface(`kernel_dontaudit_getattr_core',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_kcore_t;
|
type proc_kcore_t;
|
||||||
class file getattr;
|
class file getattr;
|
||||||
@ -363,7 +363,7 @@ define(`kernel_dontaudit_getattr_core',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_read_messages',`
|
interface(`kernel_read_messages',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute can_receive_kernel_messages;
|
attribute can_receive_kernel_messages;
|
||||||
type proc_kmsg_t, proc_t;
|
type proc_kmsg_t, proc_t;
|
||||||
@ -387,7 +387,7 @@ define(`kernel_read_messages',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_getattr_message_if',`
|
interface(`kernel_getattr_message_if',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_kmsg_t, proc_t;
|
type proc_kmsg_t, proc_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -409,7 +409,7 @@ define(`kernel_getattr_message_if',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_dontaudit_getattr_message_if',`
|
interface(`kernel_dontaudit_getattr_message_if',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_kmsg_t, proc_t;
|
type proc_kmsg_t, proc_t;
|
||||||
class file getattr;
|
class file getattr;
|
||||||
@ -429,7 +429,7 @@ define(`kernel_dontaudit_getattr_message_if',`
|
|||||||
## </interface>
|
## </interface>
|
||||||
##
|
##
|
||||||
#
|
#
|
||||||
define(`kernel_read_network_state',`
|
interface(`kernel_read_network_state',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, proc_net_t;
|
type proc_t, proc_net_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -452,7 +452,7 @@ define(`kernel_read_network_state',`
|
|||||||
## </interface>
|
## </interface>
|
||||||
##
|
##
|
||||||
#
|
#
|
||||||
define(`kernel_dontaudit_search_sysctl_dir',`
|
interface(`kernel_dontaudit_search_sysctl_dir',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type sysctl_t;
|
type sysctl_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -471,7 +471,7 @@ define(`kernel_dontaudit_search_sysctl_dir',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_read_device_sysctl',`
|
interface(`kernel_read_device_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_t, sysctl_dev_t;
|
type proc_t, sysctl_t, sysctl_dev_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -494,7 +494,7 @@ define(`kernel_read_device_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_rw_device_sysctl',`
|
interface(`kernel_rw_device_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_t, sysctl_dev_t;
|
type proc_t, sysctl_t, sysctl_dev_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -517,7 +517,7 @@ define(`kernel_rw_device_sysctl',`
|
|||||||
## </interface>
|
## </interface>
|
||||||
##
|
##
|
||||||
#
|
#
|
||||||
define(`kernel_read_vm_sysctl',`
|
interface(`kernel_read_vm_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_t, sysctl_vm_t;
|
type proc_t, sysctl_t, sysctl_vm_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -539,7 +539,7 @@ define(`kernel_read_vm_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_rw_vm_sysctl',`
|
interface(`kernel_rw_vm_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_t, sysctl_vm_t;
|
type proc_t, sysctl_t, sysctl_vm_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -561,7 +561,7 @@ define(`kernel_rw_vm_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_dontaudit_search_network_sysctl_dir',`
|
interface(`kernel_dontaudit_search_network_sysctl_dir',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type sysctl_net_t;
|
type sysctl_net_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -581,7 +581,7 @@ define(`kernel_dontaudit_search_network_sysctl_dir',`
|
|||||||
## </interface>
|
## </interface>
|
||||||
##
|
##
|
||||||
#
|
#
|
||||||
define(`kernel_read_net_sysctl',`
|
interface(`kernel_read_net_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_t, sysctl_net_t;
|
type proc_t, sysctl_t, sysctl_net_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -604,7 +604,7 @@ define(`kernel_read_net_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_rw_net_sysctl',`
|
interface(`kernel_rw_net_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_t, sysctl_net_t;
|
type proc_t, sysctl_t, sysctl_net_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -628,7 +628,7 @@ define(`kernel_rw_net_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_read_unix_sysctl',`
|
interface(`kernel_read_unix_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_t, sysctl_net_t, sysctl_net_unix_t;
|
type proc_t, sysctl_t, sysctl_net_t, sysctl_net_unix_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -652,7 +652,7 @@ define(`kernel_read_unix_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_rw_unix_sysctl',`
|
interface(`kernel_rw_unix_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_t, sysctl_net_t, sysctl_net_unix_t;
|
type proc_t, sysctl_t, sysctl_net_t, sysctl_net_unix_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -675,7 +675,7 @@ define(`kernel_rw_unix_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_read_hotplug_sysctl',`
|
interface(`kernel_read_hotplug_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_t, sysctl_kernel_t, sysctl_hotplug_t;
|
type proc_t, sysctl_t, sysctl_kernel_t, sysctl_hotplug_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -698,7 +698,7 @@ define(`kernel_read_hotplug_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_rw_hotplug_sysctl',`
|
interface(`kernel_rw_hotplug_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_t, sysctl_kernel_t, sysctl_hotplug_t;
|
type proc_t, sysctl_t, sysctl_kernel_t, sysctl_hotplug_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -721,7 +721,7 @@ define(`kernel_rw_hotplug_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_read_modprobe_sysctl',`
|
interface(`kernel_read_modprobe_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_t, sysctl_kernel_t, sysctl_modprobe_t;
|
type proc_t, sysctl_t, sysctl_kernel_t, sysctl_modprobe_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -744,7 +744,7 @@ define(`kernel_read_modprobe_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_rw_modprobe_sysctl',`
|
interface(`kernel_rw_modprobe_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_t, sysctl_kernel_t, sysctl_modprobe_t;
|
type proc_t, sysctl_t, sysctl_kernel_t, sysctl_modprobe_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -767,7 +767,7 @@ define(`kernel_rw_modprobe_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_read_kernel_sysctl',`
|
interface(`kernel_read_kernel_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_t, sysctl_kernel_t;
|
type proc_t, sysctl_t, sysctl_kernel_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -790,7 +790,7 @@ define(`kernel_read_kernel_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_rw_kernel_sysctl',`
|
interface(`kernel_rw_kernel_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_t, sysctl_kernel_t;
|
type proc_t, sysctl_t, sysctl_kernel_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -813,7 +813,7 @@ define(`kernel_rw_kernel_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_read_fs_sysctl',`
|
interface(`kernel_read_fs_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_t, sysctl_fs_t;
|
type proc_t, sysctl_t, sysctl_fs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -836,7 +836,7 @@ define(`kernel_read_fs_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_rw_fs_sysctl',`
|
interface(`kernel_rw_fs_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_t, sysctl_fs_t;
|
type proc_t, sysctl_t, sysctl_fs_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -859,7 +859,7 @@ define(`kernel_rw_fs_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_read_irq_sysctl',`
|
interface(`kernel_read_irq_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_irq_t;
|
type proc_t, sysctl_irq_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -882,7 +882,7 @@ define(`kernel_read_irq_sysctl',`
|
|||||||
## </interface>
|
## </interface>
|
||||||
##
|
##
|
||||||
#
|
#
|
||||||
define(`kernel_rw_irq_sysctl',`
|
interface(`kernel_rw_irq_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, sysctl_irq_t;
|
type proc_t, sysctl_irq_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -898,7 +898,7 @@ define(`kernel_rw_irq_sysctl',`
|
|||||||
#
|
#
|
||||||
# kernel_read_rpc_sysctl(domain)
|
# kernel_read_rpc_sysctl(domain)
|
||||||
#
|
#
|
||||||
define(`kernel_read_rpc_sysctl',`
|
interface(`kernel_read_rpc_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, proc_net_t, sysctl_rpc_t;
|
type proc_t, proc_net_t, sysctl_rpc_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -915,7 +915,7 @@ define(`kernel_read_rpc_sysctl',`
|
|||||||
#
|
#
|
||||||
# kernel_rw_rpc_sysctl(domain)
|
# kernel_rw_rpc_sysctl(domain)
|
||||||
#
|
#
|
||||||
define(`kernel_rw_rpc_sysctl',`
|
interface(`kernel_rw_rpc_sysctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type proc_t, proc_net_t, sysctl_rpc_t;
|
type proc_t, proc_net_t, sysctl_rpc_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -938,7 +938,7 @@ define(`kernel_rw_rpc_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_read_all_sysctl',`
|
interface(`kernel_read_all_sysctl',`
|
||||||
kernel_read_device_sysctl($1)
|
kernel_read_device_sysctl($1)
|
||||||
kernel_read_vm_sysctl($1)
|
kernel_read_vm_sysctl($1)
|
||||||
kernel_read_net_sysctl($1)
|
kernel_read_net_sysctl($1)
|
||||||
@ -961,7 +961,7 @@ define(`kernel_read_all_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_rw_all_sysctl',`
|
interface(`kernel_rw_all_sysctl',`
|
||||||
kernel_rw_device_sysctl($1)
|
kernel_rw_device_sysctl($1)
|
||||||
kernel_rw_vm_sysctl($1)
|
kernel_rw_vm_sysctl($1)
|
||||||
kernel_rw_net_sysctl($1)
|
kernel_rw_net_sysctl($1)
|
||||||
@ -984,7 +984,7 @@ define(`kernel_rw_all_sysctl',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_kill_unlabeled',`
|
interface(`kernel_kill_unlabeled',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type unlabeled_t;
|
type unlabeled_t;
|
||||||
class process sigkill;
|
class process sigkill;
|
||||||
@ -1003,7 +1003,7 @@ define(`kernel_kill_unlabeled',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_signal_unlabeled',`
|
interface(`kernel_signal_unlabeled',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type unlabeled_t;
|
type unlabeled_t;
|
||||||
class process signal;
|
class process signal;
|
||||||
@ -1022,7 +1022,7 @@ define(`kernel_signal_unlabeled',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_signull_unlabeled',`
|
interface(`kernel_signull_unlabeled',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type unlabeled_t;
|
type unlabeled_t;
|
||||||
class process signull;
|
class process signull;
|
||||||
@ -1041,7 +1041,7 @@ define(`kernel_signull_unlabeled',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_sigstop_unlabeled',`
|
interface(`kernel_sigstop_unlabeled',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type unlabeled_t;
|
type unlabeled_t;
|
||||||
class process sigstop;
|
class process sigstop;
|
||||||
@ -1060,7 +1060,7 @@ define(`kernel_sigstop_unlabeled',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_sigchld_unlabeled',`
|
interface(`kernel_sigchld_unlabeled',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type unlabeled_t;
|
type unlabeled_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -1080,7 +1080,7 @@ define(`kernel_sigchld_unlabeled',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_dontaudit_getattr_unlabeled_blk_dev',`
|
interface(`kernel_dontaudit_getattr_unlabeled_blk_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type unlabeled_t;
|
type unlabeled_t;
|
||||||
class process getattr;
|
class process getattr;
|
||||||
@ -1099,7 +1099,7 @@ define(`kernel_dontaudit_getattr_unlabeled_blk_dev',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`kernel_relabel_unlabeled',`
|
interface(`kernel_relabel_unlabeled',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type unlabeled_t;
|
type unlabeled_t;
|
||||||
class dir { getattr relabelfrom };
|
class dir { getattr relabelfrom };
|
||||||
|
@ -13,7 +13,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`selinux_get_fs_mount',`
|
interface(`selinux_get_fs_mount',`
|
||||||
# read /proc/filesystems to see if selinuxfs is supported
|
# read /proc/filesystems to see if selinuxfs is supported
|
||||||
# then read /proc/self/mount to see where selinuxfs is mounted
|
# then read /proc/self/mount to see where selinuxfs is mounted
|
||||||
kernel_read_system_state($1)
|
kernel_read_system_state($1)
|
||||||
@ -30,7 +30,7 @@ define(`selinux_get_fs_mount',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`selinux_get_enforce_mode',`
|
interface(`selinux_get_enforce_mode',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type security_t;
|
type security_t;
|
||||||
class dir { read search getattr };
|
class dir { read search getattr };
|
||||||
@ -52,7 +52,7 @@ define(`selinux_get_enforce_mode',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`selinux_set_enforce_mode',`
|
interface(`selinux_set_enforce_mode',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type security_t;
|
type security_t;
|
||||||
attribute can_setenforce;
|
attribute can_setenforce;
|
||||||
@ -78,7 +78,7 @@ define(`selinux_set_enforce_mode',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`selinux_load_policy',`
|
interface(`selinux_load_policy',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type security_t;
|
type security_t;
|
||||||
attribute can_load_policy;
|
attribute can_load_policy;
|
||||||
@ -108,7 +108,7 @@ define(`selinux_load_policy',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`selinux_set_boolean',`
|
interface(`selinux_set_boolean',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type security_t;
|
type security_t;
|
||||||
class dir { read search getattr };
|
class dir { read search getattr };
|
||||||
@ -139,7 +139,7 @@ define(`selinux_set_boolean',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`selinux_set_parameters',`
|
interface(`selinux_set_parameters',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type security_t;
|
type security_t;
|
||||||
attribute can_setsecparam;
|
attribute can_setsecparam;
|
||||||
@ -165,7 +165,7 @@ define(`selinux_set_parameters',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`selinux_validate_context',`
|
interface(`selinux_validate_context',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type security_t;
|
type security_t;
|
||||||
class dir { read search getattr };
|
class dir { read search getattr };
|
||||||
@ -188,7 +188,7 @@ define(`selinux_validate_context',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`selinux_compute_access_vector',`
|
interface(`selinux_compute_access_vector',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type security_t;
|
type security_t;
|
||||||
class dir { read search getattr };
|
class dir { read search getattr };
|
||||||
@ -211,7 +211,7 @@ define(`selinux_compute_access_vector',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`selinux_compute_create_context',`
|
interface(`selinux_compute_create_context',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type security_t;
|
type security_t;
|
||||||
class dir { read search getattr };
|
class dir { read search getattr };
|
||||||
@ -234,7 +234,7 @@ define(`selinux_compute_create_context',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`selinux_compute_relabel_context',`
|
interface(`selinux_compute_relabel_context',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type security_t;
|
type security_t;
|
||||||
class dir { read search getattr };
|
class dir { read search getattr };
|
||||||
@ -257,7 +257,7 @@ define(`selinux_compute_relabel_context',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`selinux_compute_user_contexts',`
|
interface(`selinux_compute_user_contexts',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type security_t;
|
type security_t;
|
||||||
class dir { read search getattr };
|
class dir { read search getattr };
|
||||||
|
@ -12,7 +12,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_getattr_fixed_disk',`
|
interface(`storage_getattr_fixed_disk',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type fixed_disk_device_t;
|
type fixed_disk_device_t;
|
||||||
class blk_file getattr;
|
class blk_file getattr;
|
||||||
@ -33,7 +33,7 @@ define(`storage_getattr_fixed_disk',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_dontaudit_getattr_fixed_disk',`
|
interface(`storage_dontaudit_getattr_fixed_disk',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type fixed_disk_device_t;
|
type fixed_disk_device_t;
|
||||||
class blk_file getattr;
|
class blk_file getattr;
|
||||||
@ -53,7 +53,7 @@ define(`storage_dontaudit_getattr_fixed_disk',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_setattr_fixed_disk',`
|
interface(`storage_setattr_fixed_disk',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type fixed_disk_device_t;
|
type fixed_disk_device_t;
|
||||||
class blk_file setattr;
|
class blk_file setattr;
|
||||||
@ -74,7 +74,7 @@ define(`storage_setattr_fixed_disk',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_dontaudit_setattr_fixed_disk',`
|
interface(`storage_dontaudit_setattr_fixed_disk',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type fixed_disk_device_t;
|
type fixed_disk_device_t;
|
||||||
class blk_file getattr;
|
class blk_file getattr;
|
||||||
@ -96,7 +96,7 @@ define(`storage_dontaudit_setattr_fixed_disk',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_raw_read_fixed_disk',`
|
interface(`storage_raw_read_fixed_disk',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute fixed_disk_raw_read;
|
attribute fixed_disk_raw_read;
|
||||||
type fixed_disk_device_t;
|
type fixed_disk_device_t;
|
||||||
@ -121,7 +121,7 @@ define(`storage_raw_read_fixed_disk',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_raw_write_fixed_disk',`
|
interface(`storage_raw_write_fixed_disk',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute fixed_disk_raw_write;
|
attribute fixed_disk_raw_write;
|
||||||
type fixed_disk_device_t;
|
type fixed_disk_device_t;
|
||||||
@ -143,7 +143,7 @@ define(`storage_raw_write_fixed_disk',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_create_fixed_disk_dev_entry',`
|
interface(`storage_create_fixed_disk_dev_entry',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute fixed_disk_raw_read, fixed_disk_raw_write;
|
attribute fixed_disk_raw_read, fixed_disk_raw_write;
|
||||||
type fixed_disk_device_t;
|
type fixed_disk_device_t;
|
||||||
@ -165,7 +165,7 @@ define(`storage_create_fixed_disk_dev_entry',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_manage_fixed_disk',`
|
interface(`storage_manage_fixed_disk',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute fixed_disk_raw_read, fixed_disk_raw_write;
|
attribute fixed_disk_raw_read, fixed_disk_raw_write;
|
||||||
type fixed_disk_device_t;
|
type fixed_disk_device_t;
|
||||||
@ -190,7 +190,7 @@ define(`storage_manage_fixed_disk',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_raw_read_lvm_volume',`
|
interface(`storage_raw_read_lvm_volume',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute fixed_disk_raw_read;
|
attribute fixed_disk_raw_read;
|
||||||
type lvm_vg_t;
|
type lvm_vg_t;
|
||||||
@ -215,7 +215,7 @@ define(`storage_raw_read_lvm_volume',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_raw_write_lvm_volume',`
|
interface(`storage_raw_write_lvm_volume',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute fixed_disk_raw_write;
|
attribute fixed_disk_raw_write;
|
||||||
type lvm_vg_t;
|
type lvm_vg_t;
|
||||||
@ -238,7 +238,7 @@ define(`storage_raw_write_lvm_volume',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_getattr_scsi_generic',`
|
interface(`storage_getattr_scsi_generic',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type scsi_generic_device_t;
|
type scsi_generic_device_t;
|
||||||
class blk_file getattr;
|
class blk_file getattr;
|
||||||
@ -259,7 +259,7 @@ define(`storage_getattr_scsi_generic',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_setattr_scsi_generic',`
|
interface(`storage_setattr_scsi_generic',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type scsi_generic_device_t;
|
type scsi_generic_device_t;
|
||||||
class blk_file setattr;
|
class blk_file setattr;
|
||||||
@ -283,7 +283,7 @@ define(`storage_setattr_scsi_generic',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_read_scsi_generic',`
|
interface(`storage_read_scsi_generic',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute scsi_generic_read;
|
attribute scsi_generic_read;
|
||||||
type scsi_generic_device_t;
|
type scsi_generic_device_t;
|
||||||
@ -309,7 +309,7 @@ define(`storage_read_scsi_generic',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_write_scsi_generic',`
|
interface(`storage_write_scsi_generic',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute scsi_generic_write;
|
attribute scsi_generic_write;
|
||||||
type scsi_generic_device_t;
|
type scsi_generic_device_t;
|
||||||
@ -332,7 +332,7 @@ define(`storage_write_scsi_generic',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_getattr_scsi_generic',`
|
interface(`storage_getattr_scsi_generic',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type scsi_generic_device_t;
|
type scsi_generic_device_t;
|
||||||
class blk_file getattr;
|
class blk_file getattr;
|
||||||
@ -353,7 +353,7 @@ define(`storage_getattr_scsi_generic',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_set_scsi_generic_attributes',`
|
interface(`storage_set_scsi_generic_attributes',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type scsi_generic_device_t;
|
type scsi_generic_device_t;
|
||||||
class blk_file setattr;
|
class blk_file setattr;
|
||||||
@ -374,7 +374,7 @@ define(`storage_set_scsi_generic_attributes',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_getattr_removable_device',`
|
interface(`storage_getattr_removable_device',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type removable_device_t;
|
type removable_device_t;
|
||||||
class blk_file getattr;
|
class blk_file getattr;
|
||||||
@ -395,7 +395,7 @@ define(`storage_getattr_removable_device',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_dontaudit_getattr_removable_device',`
|
interface(`storage_dontaudit_getattr_removable_device',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type removable_device_t;
|
type removable_device_t;
|
||||||
class blk_file getattr;
|
class blk_file getattr;
|
||||||
@ -415,7 +415,7 @@ define(`storage_dontaudit_getattr_removable_device',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_setattr_removable_device',`
|
interface(`storage_setattr_removable_device',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type removable_device_t;
|
type removable_device_t;
|
||||||
class blk_file setattr;
|
class blk_file setattr;
|
||||||
@ -436,7 +436,7 @@ define(`storage_setattr_removable_device',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_dontaudit_setattr_removable_device',`
|
interface(`storage_dontaudit_setattr_removable_device',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type removable_device_t;
|
type removable_device_t;
|
||||||
class blk_file setattr;
|
class blk_file setattr;
|
||||||
@ -459,7 +459,7 @@ define(`storage_dontaudit_setattr_removable_device',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_raw_read_removable_device',`
|
interface(`storage_raw_read_removable_device',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type removable_device_t;
|
type removable_device_t;
|
||||||
class blk_file r_file_perms;
|
class blk_file r_file_perms;
|
||||||
@ -483,7 +483,7 @@ define(`storage_raw_read_removable_device',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_raw_write_removable_device',`
|
interface(`storage_raw_write_removable_device',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type removable_device_t;
|
type removable_device_t;
|
||||||
class blk_file { getattr write ioctl };
|
class blk_file { getattr write ioctl };
|
||||||
@ -504,7 +504,7 @@ define(`storage_raw_write_removable_device',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_read_tape_device',`
|
interface(`storage_read_tape_device',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tape_device_t;
|
type tape_device_t;
|
||||||
class blk_file r_file_perms;
|
class blk_file r_file_perms;
|
||||||
@ -525,7 +525,7 @@ define(`storage_read_tape_device',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_write_tape_device',`
|
interface(`storage_write_tape_device',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tape_device_t;
|
type tape_device_t;
|
||||||
class blk_file { getattr write ioctl };
|
class blk_file { getattr write ioctl };
|
||||||
@ -546,7 +546,7 @@ define(`storage_write_tape_device',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_getattr_tape_device',`
|
interface(`storage_getattr_tape_device',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tape_device_t;
|
type tape_device_t;
|
||||||
class blk_file getattr;
|
class blk_file getattr;
|
||||||
@ -567,7 +567,7 @@ define(`storage_getattr_tape_device',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`storage_setattr_tape_device',`
|
interface(`storage_setattr_tape_device',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tape_device_t;
|
type tape_device_t;
|
||||||
class blk_file setattr;
|
class blk_file setattr;
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_pty',`
|
interface(`term_pty',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ptynode;
|
attribute ptynode;
|
||||||
type devpts_t;
|
type devpts_t;
|
||||||
@ -38,7 +38,7 @@ define(`term_pty',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_user_pty',`
|
interface(`term_user_pty',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute server_ptynode;
|
attribute server_ptynode;
|
||||||
')
|
')
|
||||||
@ -58,7 +58,7 @@ define(`term_user_pty',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_login_pty',`
|
interface(`term_login_pty',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute server_ptynode;
|
attribute server_ptynode;
|
||||||
')
|
')
|
||||||
@ -77,7 +77,7 @@ define(`term_login_pty',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_tty',`
|
interface(`term_tty',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ttynode;
|
attribute ttynode;
|
||||||
type tty_device_t;
|
type tty_device_t;
|
||||||
@ -110,7 +110,7 @@ define(`term_tty',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_create_pty',`
|
interface(`term_create_pty',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type bsdpty_device_t, devpts_t, ptmx_t;
|
type bsdpty_device_t, devpts_t, ptmx_t;
|
||||||
class filesystem getattr;
|
class filesystem getattr;
|
||||||
@ -138,7 +138,7 @@ define(`term_create_pty',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_use_all_terms',`
|
interface(`term_use_all_terms',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ttynode, ptynode;
|
attribute ttynode, ptynode;
|
||||||
type console_device_t, devpts_t, tty_device_t;
|
type console_device_t, devpts_t, tty_device_t;
|
||||||
@ -161,7 +161,7 @@ define(`term_use_all_terms',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_write_console',`
|
interface(`term_write_console',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type console_device_t;
|
type console_device_t;
|
||||||
class chr_file write;
|
class chr_file write;
|
||||||
@ -181,7 +181,7 @@ define(`term_write_console',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_use_console',`
|
interface(`term_use_console',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type console_device_t;
|
type console_device_t;
|
||||||
class chr_file rw_file_perms;
|
class chr_file rw_file_perms;
|
||||||
@ -202,7 +202,7 @@ define(`term_use_console',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_dontaudit_use_console',`
|
interface(`term_dontaudit_use_console',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type console_device_t;
|
type console_device_t;
|
||||||
class chr_file { read write };
|
class chr_file { read write };
|
||||||
@ -222,7 +222,7 @@ define(`term_dontaudit_use_console',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_setattr_console',`
|
interface(`term_setattr_console',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type console_device_t;
|
type console_device_t;
|
||||||
class chr_file setattr;
|
class chr_file setattr;
|
||||||
@ -243,7 +243,7 @@ define(`term_setattr_console',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_list_ptys',`
|
interface(`term_list_ptys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type devpts_t;
|
type devpts_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -264,7 +264,7 @@ define(`term_list_ptys',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_dontaudit_list_ptys',`
|
interface(`term_dontaudit_list_ptys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type devpts_t;
|
type devpts_t;
|
||||||
class dir { getattr search read };
|
class dir { getattr search read };
|
||||||
@ -285,7 +285,7 @@ define(`term_dontaudit_list_ptys',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_use_generic_pty',`
|
interface(`term_use_generic_pty',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type devpts_t;
|
type devpts_t;
|
||||||
class chr_file { read write };
|
class chr_file { read write };
|
||||||
@ -307,7 +307,7 @@ define(`term_use_generic_pty',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_dontaudit_use_generic_pty',`
|
interface(`term_dontaudit_use_generic_pty',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type devpts_t;
|
type devpts_t;
|
||||||
class chr_file { read write };
|
class chr_file { read write };
|
||||||
@ -327,7 +327,7 @@ define(`term_dontaudit_use_generic_pty',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_use_controlling_term',`
|
interface(`term_use_controlling_term',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type devtty_t;
|
type devtty_t;
|
||||||
class chr_file { getattr read write ioctl };
|
class chr_file { getattr read write ioctl };
|
||||||
@ -348,7 +348,7 @@ define(`term_use_controlling_term',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_dontaudit_use_ptmx',`
|
interface(`term_dontaudit_use_ptmx',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type ptmx_t;
|
type ptmx_t;
|
||||||
class chr_file { getattr read write };
|
class chr_file { getattr read write };
|
||||||
@ -368,7 +368,7 @@ define(`term_dontaudit_use_ptmx',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_getattr_all_user_ptys',`
|
interface(`term_getattr_all_user_ptys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ptynode;
|
attribute ptynode;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -390,7 +390,7 @@ define(`term_getattr_all_user_ptys',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_use_all_user_ptys',`
|
interface(`term_use_all_user_ptys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ptynode;
|
attribute ptynode;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -413,7 +413,7 @@ define(`term_use_all_user_ptys',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_dontaudit_use_all_user_ptys',`
|
interface(`term_dontaudit_use_all_user_ptys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ptynode;
|
attribute ptynode;
|
||||||
class chr_file { read write };
|
class chr_file { read write };
|
||||||
@ -433,7 +433,7 @@ define(`term_dontaudit_use_all_user_ptys',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_relabel_all_user_ptys',`
|
interface(`term_relabel_all_user_ptys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ptynode;
|
attribute ptynode;
|
||||||
class chr_file { relabelfrom relabelto };
|
class chr_file { relabelfrom relabelto };
|
||||||
@ -454,7 +454,7 @@ define(`term_relabel_all_user_ptys',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_getattr_unallocated_ttys',`
|
interface(`term_getattr_unallocated_ttys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tty_device_t;
|
type tty_device_t;
|
||||||
class chr_file getattr;
|
class chr_file getattr;
|
||||||
@ -475,7 +475,7 @@ define(`term_getattr_unallocated_ttys',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_setattr_unallocated_ttys',`
|
interface(`term_setattr_unallocated_ttys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tty_device_t;
|
type tty_device_t;
|
||||||
class chr_file setattr;
|
class chr_file setattr;
|
||||||
@ -496,7 +496,7 @@ define(`term_setattr_unallocated_ttys',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_relabel_unallocated_ttys',`
|
interface(`term_relabel_unallocated_ttys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tty_device_t;
|
type tty_device_t;
|
||||||
class chr_file { relabelfrom relabelto };
|
class chr_file { relabelfrom relabelto };
|
||||||
@ -517,7 +517,7 @@ define(`term_relabel_unallocated_ttys',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_reset_tty_labels',`
|
interface(`term_reset_tty_labels',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ttynode;
|
attribute ttynode;
|
||||||
type tty_device_t;
|
type tty_device_t;
|
||||||
@ -539,7 +539,7 @@ define(`term_reset_tty_labels',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_write_unallocated_ttys',`
|
interface(`term_write_unallocated_ttys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tty_device_t;
|
type tty_device_t;
|
||||||
class chr_file { getattr write };
|
class chr_file { getattr write };
|
||||||
@ -559,7 +559,7 @@ define(`term_write_unallocated_ttys',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_use_unallocated_tty',`
|
interface(`term_use_unallocated_tty',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tty_device_t;
|
type tty_device_t;
|
||||||
class chr_file { getattr read write ioctl };
|
class chr_file { getattr read write ioctl };
|
||||||
@ -580,7 +580,7 @@ define(`term_use_unallocated_tty',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_dontaudit_use_unallocated_tty',`
|
interface(`term_dontaudit_use_unallocated_tty',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tty_device_t;
|
type tty_device_t;
|
||||||
class chr_file { read write };
|
class chr_file { read write };
|
||||||
@ -600,7 +600,7 @@ define(`term_dontaudit_use_unallocated_tty',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_getattr_all_user_ttys',`
|
interface(`term_getattr_all_user_ttys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ttynode;
|
attribute ttynode;
|
||||||
class chr_file getattr;
|
class chr_file getattr;
|
||||||
@ -622,7 +622,7 @@ define(`term_getattr_all_user_ttys',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_dontaudit_getattr_all_user_ttys',`
|
interface(`term_dontaudit_getattr_all_user_ttys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ttynode;
|
attribute ttynode;
|
||||||
class chr_file getattr;
|
class chr_file getattr;
|
||||||
@ -643,7 +643,7 @@ define(`term_dontaudit_getattr_all_user_ttys',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_setattr_all_user_ttys',`
|
interface(`term_setattr_all_user_ttys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ttynode;
|
attribute ttynode;
|
||||||
class chr_file setattr;
|
class chr_file setattr;
|
||||||
@ -664,7 +664,7 @@ define(`term_setattr_all_user_ttys',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_relabel_all_user_ttys',`
|
interface(`term_relabel_all_user_ttys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ttynode;
|
attribute ttynode;
|
||||||
class chr_file { relabelfrom relabelto };
|
class chr_file { relabelfrom relabelto };
|
||||||
@ -684,7 +684,7 @@ define(`term_relabel_all_user_ttys',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_write_all_user_ttys',`
|
interface(`term_write_all_user_ttys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ttynode;
|
attribute ttynode;
|
||||||
class chr_file { getattr write };
|
class chr_file { getattr write };
|
||||||
@ -704,7 +704,7 @@ define(`term_write_all_user_ttys',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_use_all_user_ttys',`
|
interface(`term_use_all_user_ttys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ttynode;
|
attribute ttynode;
|
||||||
class chr_file { getattr read write ioctl };
|
class chr_file { getattr read write ioctl };
|
||||||
@ -725,7 +725,7 @@ define(`term_use_all_user_ttys',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`term_dontaudit_use_all_user_ttys',`
|
interface(`term_dontaudit_use_all_user_ttys',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ttynode;
|
attribute ttynode;
|
||||||
class chr_file { read write };
|
class chr_file { read write };
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
# cron_per_userdomain_template(domainprefix)
|
# cron_per_userdomain_template(domainprefix)
|
||||||
#
|
#
|
||||||
|
|
||||||
define(`cron_per_userdomain_template',`
|
template(`cron_per_userdomain_template',`
|
||||||
|
|
||||||
# Type of user crontabs once moved to cron spool.
|
# Type of user crontabs once moved to cron spool.
|
||||||
type $1_cron_spool_t;
|
type $1_cron_spool_t;
|
||||||
@ -217,7 +217,7 @@ define(`cron_per_userdomain_template',`
|
|||||||
# cron_admin_template(domainprefix)
|
# cron_admin_template(domainprefix)
|
||||||
#
|
#
|
||||||
|
|
||||||
define(`cron_admin_template',`
|
template(`cron_admin_template',`
|
||||||
logging_read_generic_logs($1_crond_t)
|
logging_read_generic_logs($1_crond_t)
|
||||||
|
|
||||||
# Allow our crontab domain to unlink a user cron spool file.
|
# Allow our crontab domain to unlink a user cron spool file.
|
||||||
@ -243,7 +243,7 @@ define(`cron_admin_template',`
|
|||||||
#
|
#
|
||||||
# cron_rw_log(domain)
|
# cron_rw_log(domain)
|
||||||
#
|
#
|
||||||
define(`cron_rw_log',`
|
interface(`cron_rw_log',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type crond_log_t;
|
type crond_log_t;
|
||||||
class file rw_file_perms;
|
class file rw_file_perms;
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
#
|
#
|
||||||
# mta_per_userdomain_template(userdomain_prefix)
|
# mta_per_userdomain_template(userdomain_prefix)
|
||||||
#
|
#
|
||||||
define(`mta_per_userdomain_template',`
|
template(`mta_per_userdomain_template',`
|
||||||
type $1_mail_t; # , user_mail_domain, nscd_client_domain;
|
type $1_mail_t; # , user_mail_domain, nscd_client_domain;
|
||||||
domain_type($1_mail_t)
|
domain_type($1_mail_t)
|
||||||
role $1_r types $1_mail_t;
|
role $1_r types $1_mail_t;
|
||||||
@ -138,7 +138,7 @@ define(`mta_per_userdomain_template',`
|
|||||||
#
|
#
|
||||||
# mta_mailserver(domain,entrypointtype)
|
# mta_mailserver(domain,entrypointtype)
|
||||||
#
|
#
|
||||||
define(`mta_mailserver',`
|
interface(`mta_mailserver',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute mailserver_domain;
|
attribute mailserver_domain;
|
||||||
')
|
')
|
||||||
@ -151,7 +151,7 @@ define(`mta_mailserver',`
|
|||||||
#
|
#
|
||||||
# mta_sendmail_mailserver(domain,entrypointtype)
|
# mta_sendmail_mailserver(domain,entrypointtype)
|
||||||
#
|
#
|
||||||
define(`mta_sendmail_mailserver',`
|
interface(`mta_sendmail_mailserver',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type sendmail_exec_t;
|
type sendmail_exec_t;
|
||||||
')
|
')
|
||||||
@ -163,7 +163,7 @@ define(`mta_sendmail_mailserver',`
|
|||||||
#
|
#
|
||||||
# mta_send_mail(domain)
|
# mta_send_mail(domain)
|
||||||
#
|
#
|
||||||
define(`mta_send_mail',`
|
interface(`mta_send_mail',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type system_mail_t, sendmail_exec_t;
|
type system_mail_t, sendmail_exec_t;
|
||||||
class lnk_file r_file_perms;
|
class lnk_file r_file_perms;
|
||||||
@ -185,7 +185,7 @@ define(`mta_send_mail',`
|
|||||||
#
|
#
|
||||||
# mta_exec(domain)
|
# mta_exec(domain)
|
||||||
#
|
#
|
||||||
define(`mta_exec',`
|
interface(`mta_exec',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type sendmail_exec_t;
|
type sendmail_exec_t;
|
||||||
')
|
')
|
||||||
@ -203,7 +203,7 @@ define(`mta_exec',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`mta_read_aliases',`
|
interface(`mta_read_aliases',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type etc_aliases_t;
|
type etc_aliases_t;
|
||||||
class file r_file_perms;
|
class file r_file_perms;
|
||||||
@ -217,7 +217,7 @@ define(`mta_read_aliases',`
|
|||||||
#
|
#
|
||||||
# mta_rw_aliases(domain)
|
# mta_rw_aliases(domain)
|
||||||
#
|
#
|
||||||
define(`mta_rw_aliases',`
|
interface(`mta_rw_aliases',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type etc_aliases_t;
|
type etc_aliases_t;
|
||||||
class file { rw_file_perms setattr };
|
class file { rw_file_perms setattr };
|
||||||
@ -231,7 +231,7 @@ define(`mta_rw_aliases',`
|
|||||||
#
|
#
|
||||||
# mta_getattr_spool(domain)
|
# mta_getattr_spool(domain)
|
||||||
#
|
#
|
||||||
define(`mta_getattr_spool',`
|
interface(`mta_getattr_spool',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type mail_spool_t;
|
type mail_spool_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -249,7 +249,7 @@ define(`mta_getattr_spool',`
|
|||||||
#
|
#
|
||||||
# mta_rw_spool(domain)
|
# mta_rw_spool(domain)
|
||||||
#
|
#
|
||||||
define(`mta_rw_spool',`
|
interface(`mta_rw_spool',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type mail_spool_t;
|
type mail_spool_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -265,7 +265,7 @@ define(`mta_rw_spool',`
|
|||||||
#
|
#
|
||||||
# mta_manage_spool(domain)
|
# mta_manage_spool(domain)
|
||||||
#
|
#
|
||||||
define(`mta_manage_spool',`
|
interface(`mta_manage_spool',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type mail_spool_t;
|
type mail_spool_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -281,7 +281,7 @@ define(`mta_manage_spool',`
|
|||||||
#
|
#
|
||||||
# mta_manage_queue(domain)
|
# mta_manage_queue(domain)
|
||||||
#
|
#
|
||||||
define(`mta_manage_queue',`
|
interface(`mta_manage_queue',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type mqueue_spool_t;
|
type mqueue_spool_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`remotelogin_domtrans',`
|
interface(`remotelogin_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type remote_login_t;
|
type remote_login_t;
|
||||||
')
|
')
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`sendmail_domtrans',`
|
interface(`sendmail_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type sendmail_exec_t, sendmail_t;
|
type sendmail_exec_t, sendmail_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
define(`ssh_per_userdomain_template',`
|
template(`ssh_per_userdomain_template',`
|
||||||
# Derived domain based on the calling user domain and the program.
|
# Derived domain based on the calling user domain and the program.
|
||||||
type $1_ssh_t; #, privlog, nscd_client_domain;
|
type $1_ssh_t; #, privlog, nscd_client_domain;
|
||||||
domain_type($1_ssh_t)
|
domain_type($1_ssh_t)
|
||||||
@ -155,7 +155,7 @@ define(`ssh_per_userdomain_template',`
|
|||||||
#
|
#
|
||||||
#
|
#
|
||||||
#
|
#
|
||||||
define(`sshd_program_domain', `
|
template(`sshd_program_domain', `
|
||||||
# auth_chkpwd is for running unix_chkpwd and unix_verify.
|
# auth_chkpwd is for running unix_chkpwd and unix_verify.
|
||||||
type $1_t; #, nscd_client_domain;
|
type $1_t; #, nscd_client_domain;
|
||||||
role system_r types $1_t;
|
role system_r types $1_t;
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
#
|
#
|
||||||
# authlogin_per_userdomain_template(userdomain_prefix)
|
# authlogin_per_userdomain_template(userdomain_prefix)
|
||||||
#
|
#
|
||||||
define(`authlogin_per_userdomain_template',`
|
interface(`authlogin_per_userdomain_template',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute can_read_shadow_passwords;
|
attribute can_read_shadow_passwords;
|
||||||
type chkpwd_exec_t, system_chkpwd_t, shadow_t;
|
type chkpwd_exec_t, system_chkpwd_t, shadow_t;
|
||||||
@ -98,7 +98,7 @@ define(`authlogin_per_userdomain_template',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`auth_login_entry_type',`
|
interface(`auth_login_entry_type',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type login_exec_t;
|
type login_exec_t;
|
||||||
')
|
')
|
||||||
@ -119,7 +119,7 @@ define(`auth_login_entry_type',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`auth_domtrans_login_program',`
|
interface(`auth_domtrans_login_program',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type login_exec_t;
|
type login_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -146,7 +146,7 @@ define(`auth_domtrans_login_program',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`auth_domtrans_chk_passwd',`
|
interface(`auth_domtrans_chk_passwd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type system_chkpwd_t, chkpwd_exec_t, shadow_t;
|
type system_chkpwd_t, chkpwd_exec_t, shadow_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -190,7 +190,7 @@ define(`auth_domtrans_chk_passwd',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`auth_dontaudit_getattr_shadow',`
|
interface(`auth_dontaudit_getattr_shadow',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type shadow_t;
|
type shadow_t;
|
||||||
class file stat_file_perms;
|
class file stat_file_perms;
|
||||||
@ -209,7 +209,7 @@ define(`auth_dontaudit_getattr_shadow',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`auth_read_shadow',`
|
interface(`auth_read_shadow',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute can_read_shadow_passwords;
|
attribute can_read_shadow_passwords;
|
||||||
type shadow_t;
|
type shadow_t;
|
||||||
@ -232,7 +232,7 @@ define(`auth_read_shadow',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`auth_dontaudit_read_shadow',`
|
interface(`auth_dontaudit_read_shadow',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type shadow_t;
|
type shadow_t;
|
||||||
class file r_file_perms;
|
class file r_file_perms;
|
||||||
@ -251,7 +251,7 @@ define(`auth_dontaudit_read_shadow',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`auth_rw_shadow',`
|
interface(`auth_rw_shadow',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute can_read_shadow_passwords, can_write_shadow_passwords;
|
attribute can_read_shadow_passwords, can_write_shadow_passwords;
|
||||||
type shadow_t;
|
type shadow_t;
|
||||||
@ -267,7 +267,7 @@ define(`auth_rw_shadow',`
|
|||||||
#
|
#
|
||||||
# auth_manage_shadow(domain)
|
# auth_manage_shadow(domain)
|
||||||
#
|
#
|
||||||
define(`auth_manage_shadow',`
|
interface(`auth_manage_shadow',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute can_read_shadow_passwords, can_write_shadow_passwords;
|
attribute can_read_shadow_passwords, can_write_shadow_passwords;
|
||||||
type shadow_t;
|
type shadow_t;
|
||||||
@ -284,7 +284,7 @@ define(`auth_manage_shadow',`
|
|||||||
#
|
#
|
||||||
# auth_relabelto_shadow(domain)
|
# auth_relabelto_shadow(domain)
|
||||||
#
|
#
|
||||||
define(`auth_relabelto_shadow',`
|
interface(`auth_relabelto_shadow',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute can_relabelto_shadow_passwords;
|
attribute can_relabelto_shadow_passwords;
|
||||||
type shadow_t;
|
type shadow_t;
|
||||||
@ -300,7 +300,7 @@ define(`auth_relabelto_shadow',`
|
|||||||
#
|
#
|
||||||
# auth_rw_faillog(domain)
|
# auth_rw_faillog(domain)
|
||||||
#
|
#
|
||||||
define(`auth_rw_faillog',`
|
interface(`auth_rw_faillog',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type faillog_t;
|
type faillog_t;
|
||||||
class file rw_file_perms;
|
class file rw_file_perms;
|
||||||
@ -314,7 +314,7 @@ define(`auth_rw_faillog',`
|
|||||||
#
|
#
|
||||||
# auth_rw_lastlog(domain)
|
# auth_rw_lastlog(domain)
|
||||||
#
|
#
|
||||||
define(`auth_rw_lastlog',`
|
interface(`auth_rw_lastlog',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type lastlog_t;
|
type lastlog_t;
|
||||||
class file { getattr read write setattr };
|
class file { getattr read write setattr };
|
||||||
@ -334,7 +334,7 @@ define(`auth_rw_lastlog',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`auth_domtrans_pam',`
|
interface(`auth_domtrans_pam',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type pam_t, pam_exec_t;
|
type pam_t, pam_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -366,7 +366,7 @@ define(`auth_domtrans_pam',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`auth_run_pam',`
|
interface(`auth_run_pam',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type pam_t;
|
type pam_t;
|
||||||
class chr_file rw_file_perms;
|
class chr_file rw_file_perms;
|
||||||
@ -387,7 +387,7 @@ define(`auth_run_pam',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`auth_exec_pam',`
|
interface(`auth_exec_pam',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type pam_exec_t;
|
type pam_exec_t;
|
||||||
')
|
')
|
||||||
@ -399,7 +399,7 @@ define(`auth_exec_pam',`
|
|||||||
#
|
#
|
||||||
# auth_read_pam_pid(domain)
|
# auth_read_pam_pid(domain)
|
||||||
#
|
#
|
||||||
define(`auth_read_pam_pid',`
|
interface(`auth_read_pam_pid',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type pam_var_run_t;
|
type pam_var_run_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -422,7 +422,7 @@ define(`auth_read_pam_pid',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`auth_delete_pam_pid',`
|
interface(`auth_delete_pam_pid',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type pam_var_run_t;
|
type pam_var_run_t;
|
||||||
class dir { getattr search read write remove_name };
|
class dir { getattr search read write remove_name };
|
||||||
@ -439,7 +439,7 @@ define(`auth_delete_pam_pid',`
|
|||||||
#
|
#
|
||||||
# auth_domtrans_pam_console(domain)
|
# auth_domtrans_pam_console(domain)
|
||||||
#
|
#
|
||||||
define(`auth_domtrans_pam_console',`
|
interface(`auth_domtrans_pam_console',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type pam_console_t, pam_console_exec_t;
|
type pam_console_t, pam_console_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -459,7 +459,7 @@ define(`auth_domtrans_pam_console',`
|
|||||||
#
|
#
|
||||||
# auth_list_pam_console_data(domain)
|
# auth_list_pam_console_data(domain)
|
||||||
#
|
#
|
||||||
define(`auth_list_pam_console_data',`
|
interface(`auth_list_pam_console_data',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type pam_var_console_t;
|
type pam_var_console_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -474,7 +474,7 @@ define(`auth_list_pam_console_data',`
|
|||||||
#
|
#
|
||||||
# auth_read_pam_console_data(domain)
|
# auth_read_pam_console_data(domain)
|
||||||
#
|
#
|
||||||
define(`auth_read_pam_console_data',`
|
interface(`auth_read_pam_console_data',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type pam_var_console_t;
|
type pam_var_console_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -491,7 +491,7 @@ define(`auth_read_pam_console_data',`
|
|||||||
#
|
#
|
||||||
# auth_manage_pam_console_data(domain)
|
# auth_manage_pam_console_data(domain)
|
||||||
#
|
#
|
||||||
define(`auth_manage_pam_console_data',`
|
interface(`auth_manage_pam_console_data',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type pam_var_console_t;
|
type pam_var_console_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -522,7 +522,7 @@ define(`auth_manage_pam_console_data',`
|
|||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
|
|
||||||
define(`auth_relabel_all_files_except_shadow',`
|
interface(`auth_relabel_all_files_except_shadow',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type shadow_t;
|
type shadow_t;
|
||||||
')
|
')
|
||||||
@ -546,7 +546,7 @@ define(`auth_relabel_all_files_except_shadow',`
|
|||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
|
|
||||||
define(`auth_manage_all_files_except_shadow',`
|
interface(`auth_manage_all_files_except_shadow',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type shadow_t;
|
type shadow_t;
|
||||||
')
|
')
|
||||||
@ -564,7 +564,7 @@ define(`auth_manage_all_files_except_shadow',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`auth_domtrans_utempter',`
|
interface(`auth_domtrans_utempter',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type utempter_t, utempter_exec_t;
|
type utempter_t, utempter_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -596,7 +596,7 @@ define(`auth_domtrans_utempter',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`auth_run_utempter',`
|
interface(`auth_run_utempter',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type utempter_t;
|
type utempter_t;
|
||||||
class chr_file rw_file_perms;
|
class chr_file rw_file_perms;
|
||||||
@ -611,7 +611,7 @@ define(`auth_run_utempter',`
|
|||||||
#
|
#
|
||||||
# auth_read_login_records(domain)
|
# auth_read_login_records(domain)
|
||||||
#
|
#
|
||||||
define(`auth_read_login_records',`
|
interface(`auth_read_login_records',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type wtmp_t;
|
type wtmp_t;
|
||||||
class file r_file_perms;
|
class file r_file_perms;
|
||||||
@ -625,7 +625,7 @@ define(`auth_read_login_records',`
|
|||||||
#
|
#
|
||||||
# auth_dontaudit_write_login_records(domain)
|
# auth_dontaudit_write_login_records(domain)
|
||||||
#
|
#
|
||||||
define(`auth_dontaudit_write_login_records',`
|
interface(`auth_dontaudit_write_login_records',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type wtmp_t;
|
type wtmp_t;
|
||||||
class file write;
|
class file write;
|
||||||
@ -638,7 +638,7 @@ define(`auth_dontaudit_write_login_records',`
|
|||||||
#
|
#
|
||||||
# auth_rw_login_records(domain)
|
# auth_rw_login_records(domain)
|
||||||
#
|
#
|
||||||
define(`auth_rw_login_records',`
|
interface(`auth_rw_login_records',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type wtmp_t;
|
type wtmp_t;
|
||||||
class file rw_file_perms;
|
class file rw_file_perms;
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`clock_domtrans',`
|
interface(`clock_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type hwclock_t, hwclock_exec_t;
|
type hwclock_t, hwclock_exec_t;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -43,7 +43,7 @@ define(`clock_domtrans',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`clock_run',`
|
interface(`clock_run',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type hwclock_t;
|
type hwclock_t;
|
||||||
class chr_file { getattr read write ioctl };
|
class chr_file { getattr read write ioctl };
|
||||||
@ -64,7 +64,7 @@ define(`clock_run',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`clock_exec',`
|
interface(`clock_exec',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type hwclock_exec_t;
|
type hwclock_exec_t;
|
||||||
')
|
')
|
||||||
@ -82,7 +82,7 @@ define(`clock_exec',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`clock_rw_adjtime',`
|
interface(`clock_rw_adjtime',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type adjtime_t;
|
type adjtime_t;
|
||||||
class file rw_file_perms;
|
class file rw_file_perms;
|
||||||
|
@ -8,7 +8,7 @@
|
|||||||
#
|
#
|
||||||
# corecmd_shell_entry_type(domain)
|
# corecmd_shell_entry_type(domain)
|
||||||
#
|
#
|
||||||
define(`corecmd_shell_entry_type',`
|
interface(`corecmd_shell_entry_type',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type shell_exec_t;
|
type shell_exec_t;
|
||||||
')
|
')
|
||||||
@ -20,7 +20,7 @@ define(`corecmd_shell_entry_type',`
|
|||||||
#
|
#
|
||||||
# corecmd_search_bin(domain)
|
# corecmd_search_bin(domain)
|
||||||
#
|
#
|
||||||
define(`corecmd_search_bin',`
|
interface(`corecmd_search_bin',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type bin_t;
|
type bin_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -33,7 +33,7 @@ define(`corecmd_search_bin',`
|
|||||||
#
|
#
|
||||||
# corecmd_list_bin(domain)
|
# corecmd_list_bin(domain)
|
||||||
#
|
#
|
||||||
define(`corecmd_list_bin',`
|
interface(`corecmd_list_bin',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type bin_t;
|
type bin_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -46,7 +46,7 @@ define(`corecmd_list_bin',`
|
|||||||
#
|
#
|
||||||
# corecmd_exec_bin(domain)
|
# corecmd_exec_bin(domain)
|
||||||
#
|
#
|
||||||
define(`corecmd_exec_bin',`
|
interface(`corecmd_exec_bin',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type bin_t;
|
type bin_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -63,7 +63,7 @@ define(`corecmd_exec_bin',`
|
|||||||
#
|
#
|
||||||
# corecmd_search_sbin(domain)
|
# corecmd_search_sbin(domain)
|
||||||
#
|
#
|
||||||
define(`corecmd_search_sbin',`
|
interface(`corecmd_search_sbin',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type sbin_t;
|
type sbin_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -76,7 +76,7 @@ define(`corecmd_search_sbin',`
|
|||||||
#
|
#
|
||||||
# corecmd_list_sbin(domain)
|
# corecmd_list_sbin(domain)
|
||||||
#
|
#
|
||||||
define(`corecmd_list_sbin',`
|
interface(`corecmd_list_sbin',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type sbin_t;
|
type sbin_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -89,7 +89,7 @@ define(`corecmd_list_sbin',`
|
|||||||
#
|
#
|
||||||
# corecmd_dontaudit_getattr_sbin_file(domain)
|
# corecmd_dontaudit_getattr_sbin_file(domain)
|
||||||
#
|
#
|
||||||
define(`corecmd_dontaudit_getattr_sbin_file',`
|
interface(`corecmd_dontaudit_getattr_sbin_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type sbin_t;
|
type sbin_t;
|
||||||
class file getattr;
|
class file getattr;
|
||||||
@ -102,7 +102,7 @@ define(`corecmd_dontaudit_getattr_sbin_file',`
|
|||||||
#
|
#
|
||||||
# corecmd_exec_sbin(domain)
|
# corecmd_exec_sbin(domain)
|
||||||
#
|
#
|
||||||
define(`corecmd_exec_sbin',`
|
interface(`corecmd_exec_sbin',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type sbin_t;
|
type sbin_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -119,7 +119,7 @@ define(`corecmd_exec_sbin',`
|
|||||||
#
|
#
|
||||||
# corecmd_exec_shell(domain)
|
# corecmd_exec_shell(domain)
|
||||||
#
|
#
|
||||||
define(`corecmd_exec_shell',`
|
interface(`corecmd_exec_shell',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type bin_t, shell_exec_t;
|
type bin_t, shell_exec_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -135,7 +135,7 @@ define(`corecmd_exec_shell',`
|
|||||||
#
|
#
|
||||||
# corecmd_exec_ls(domain)
|
# corecmd_exec_ls(domain)
|
||||||
#
|
#
|
||||||
define(`corecmd_exec_ls',`
|
interface(`corecmd_exec_ls',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type bin_t, ls_exec_t;
|
type bin_t, ls_exec_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -162,7 +162,7 @@ define(`corecmd_exec_ls',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corecmd_shell_spec_domtrans',`
|
interface(`corecmd_shell_spec_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type bin_t, shell_exec_t;
|
type bin_t, shell_exec_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -196,7 +196,7 @@ define(`corecmd_shell_spec_domtrans',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`corecmd_domtrans_shell',`
|
interface(`corecmd_domtrans_shell',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type shell_exec_t;
|
type shell_exec_t;
|
||||||
')
|
')
|
||||||
@ -209,7 +209,7 @@ define(`corecmd_domtrans_shell',`
|
|||||||
#
|
#
|
||||||
# corecmd_chroot_exec_chroot(domain)
|
# corecmd_chroot_exec_chroot(domain)
|
||||||
#
|
#
|
||||||
define(`corecmd_chroot_exec_chroot',`
|
interface(`corecmd_chroot_exec_chroot',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type chroot_exec_t;
|
type chroot_exec_t;
|
||||||
class capability sys_chroot;
|
class capability sys_chroot;
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
#
|
#
|
||||||
# domain_base_domain_type(domain)
|
# domain_base_domain_type(domain)
|
||||||
#
|
#
|
||||||
define(`domain_base_domain_type',`
|
interface(`domain_base_domain_type',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute domain;
|
attribute domain;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -30,7 +30,7 @@ define(`domain_base_domain_type',`
|
|||||||
#
|
#
|
||||||
# domain_type(domain)
|
# domain_type(domain)
|
||||||
#
|
#
|
||||||
define(`domain_type',`
|
interface(`domain_type',`
|
||||||
# start with basic domain
|
# start with basic domain
|
||||||
domain_base_domain_type($1)
|
domain_base_domain_type($1)
|
||||||
|
|
||||||
@ -56,7 +56,7 @@ define(`domain_type',`
|
|||||||
#
|
#
|
||||||
# domain_entry_file(domain,entrypointfile)
|
# domain_entry_file(domain,entrypointfile)
|
||||||
#
|
#
|
||||||
define(`domain_entry_file',`
|
interface(`domain_entry_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute entry_type;
|
attribute entry_type;
|
||||||
class file entrypoint;
|
class file entrypoint;
|
||||||
@ -71,7 +71,7 @@ define(`domain_entry_file',`
|
|||||||
#
|
#
|
||||||
# domain_wide_inherit_fd(domain)
|
# domain_wide_inherit_fd(domain)
|
||||||
#
|
#
|
||||||
define(`domain_wide_inherit_fd',`
|
interface(`domain_wide_inherit_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute privfd;
|
attribute privfd;
|
||||||
')
|
')
|
||||||
@ -90,7 +90,7 @@ define(`domain_wide_inherit_fd',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`domain_subj_id_change_exempt',`
|
interface(`domain_subj_id_change_exempt',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute can_change_process_identity;
|
attribute can_change_process_identity;
|
||||||
')
|
')
|
||||||
@ -109,7 +109,7 @@ define(`domain_subj_id_change_exempt',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`domain_role_change_exempt',`
|
interface(`domain_role_change_exempt',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute can_change_process_role;
|
attribute can_change_process_role;
|
||||||
')
|
')
|
||||||
@ -128,7 +128,7 @@ define(`domain_role_change_exempt',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`domain_obj_id_change_exempt',`
|
interface(`domain_obj_id_change_exempt',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute can_change_object_identity;
|
attribute can_change_object_identity;
|
||||||
')
|
')
|
||||||
@ -140,7 +140,7 @@ define(`domain_obj_id_change_exempt',`
|
|||||||
#
|
#
|
||||||
# domain_use_wide_inherit_fd(domain)
|
# domain_use_wide_inherit_fd(domain)
|
||||||
#
|
#
|
||||||
define(`domain_use_wide_inherit_fd',`
|
interface(`domain_use_wide_inherit_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute privfd;
|
attribute privfd;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -153,7 +153,7 @@ define(`domain_use_wide_inherit_fd',`
|
|||||||
#
|
#
|
||||||
# domain_dontaudit_use_wide_inherit_fd(domain)
|
# domain_dontaudit_use_wide_inherit_fd(domain)
|
||||||
#
|
#
|
||||||
define(`domain_dontaudit_use_wide_inherit_fd',`
|
interface(`domain_dontaudit_use_wide_inherit_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute privfd;
|
attribute privfd;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -166,7 +166,7 @@ define(`domain_dontaudit_use_wide_inherit_fd',`
|
|||||||
#
|
#
|
||||||
# domain_setpriority_all_domains(domain)
|
# domain_setpriority_all_domains(domain)
|
||||||
#
|
#
|
||||||
define(`domain_setpriority_all_domains',`
|
interface(`domain_setpriority_all_domains',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute domain;
|
attribute domain;
|
||||||
class process setsched;
|
class process setsched;
|
||||||
@ -185,7 +185,7 @@ define(`domain_setpriority_all_domains',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`domain_signal_all_domains',`
|
interface(`domain_signal_all_domains',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute domain;
|
attribute domain;
|
||||||
class process signal;
|
class process signal;
|
||||||
@ -204,7 +204,7 @@ define(`domain_signal_all_domains',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`domain_signull_all_domains',`
|
interface(`domain_signull_all_domains',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute domain;
|
attribute domain;
|
||||||
class process signull;
|
class process signull;
|
||||||
@ -223,7 +223,7 @@ define(`domain_signull_all_domains',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`domain_sigstop_all_domains',`
|
interface(`domain_sigstop_all_domains',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute domain;
|
attribute domain;
|
||||||
class process sigstop;
|
class process sigstop;
|
||||||
@ -242,7 +242,7 @@ define(`domain_sigstop_all_domains',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`domain_sigchld_all_domains',`
|
interface(`domain_sigchld_all_domains',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute domain;
|
attribute domain;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -261,7 +261,7 @@ define(`domain_sigchld_all_domains',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`domain_kill_all_domains',`
|
interface(`domain_kill_all_domains',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute domain;
|
attribute domain;
|
||||||
class process sigkill;
|
class process sigkill;
|
||||||
@ -282,7 +282,7 @@ define(`domain_kill_all_domains',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`domain_read_all_domains_state',`
|
interface(`domain_read_all_domains_state',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute domain;
|
attribute domain;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -314,7 +314,7 @@ define(`domain_read_all_domains_state',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`domain_dontaudit_list_all_domains_proc',`
|
interface(`domain_dontaudit_list_all_domains_proc',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute domain;
|
attribute domain;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -333,7 +333,7 @@ define(`domain_dontaudit_list_all_domains_proc',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`domain_getsession_all_domains',`
|
interface(`domain_getsession_all_domains',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute domain;
|
attribute domain;
|
||||||
class process getsession;
|
class process getsession;
|
||||||
@ -353,7 +353,7 @@ define(`domain_getsession_all_domains',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`domain_dontaudit_getattr_all_udp_sockets',`
|
interface(`domain_dontaudit_getattr_all_udp_sockets',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute domain;
|
attribute domain;
|
||||||
class udp_socket getattr;
|
class udp_socket getattr;
|
||||||
@ -373,7 +373,7 @@ define(`domain_dontaudit_getattr_all_udp_sockets',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`domain_dontaudit_getattr_all_tcp_sockets',`
|
interface(`domain_dontaudit_getattr_all_tcp_sockets',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute domain;
|
attribute domain;
|
||||||
class tcp_socket getattr;
|
class tcp_socket getattr;
|
||||||
@ -393,7 +393,7 @@ define(`domain_dontaudit_getattr_all_tcp_sockets',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`domain_dontaudit_getattr_all_unix_dgram_sockets',`
|
interface(`domain_dontaudit_getattr_all_unix_dgram_sockets',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute domain;
|
attribute domain;
|
||||||
class unix_dgram_socket getattr;
|
class unix_dgram_socket getattr;
|
||||||
@ -413,7 +413,7 @@ define(`domain_dontaudit_getattr_all_unix_dgram_sockets',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`domain_dontaudit_getattr_all_unnamed_pipes',`
|
interface(`domain_dontaudit_getattr_all_unnamed_pipes',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute domain;
|
attribute domain;
|
||||||
class fifo_file getattr;
|
class fifo_file getattr;
|
||||||
@ -426,7 +426,7 @@ define(`domain_dontaudit_getattr_all_unnamed_pipes',`
|
|||||||
#
|
#
|
||||||
# domain_exec_all_entry_files(domain)
|
# domain_exec_all_entry_files(domain)
|
||||||
#
|
#
|
||||||
define(`domain_exec_all_entry_files',`
|
interface(`domain_exec_all_entry_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute entry_type;
|
attribute entry_type;
|
||||||
')
|
')
|
||||||
@ -438,7 +438,7 @@ define(`domain_exec_all_entry_files',`
|
|||||||
#
|
#
|
||||||
# domain_read_all_entry_files(domain)
|
# domain_read_all_entry_files(domain)
|
||||||
#
|
#
|
||||||
define(`domain_read_all_entry_files',`
|
interface(`domain_read_all_entry_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute entry_type;
|
attribute entry_type;
|
||||||
class file r_file_perms;
|
class file r_file_perms;
|
||||||
@ -461,7 +461,7 @@ define(`domain_read_all_entry_files',`
|
|||||||
#
|
#
|
||||||
# domain_trans(source_domain,entrypoint_file,target_domain)
|
# domain_trans(source_domain,entrypoint_file,target_domain)
|
||||||
#
|
#
|
||||||
define(`domain_trans',`
|
interface(`domain_trans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
class file rx_file_perms;
|
class file rx_file_perms;
|
||||||
process { transition noatsecure siginh rlimitinh };
|
process { transition noatsecure siginh rlimitinh };
|
||||||
@ -476,7 +476,7 @@ define(`domain_trans',`
|
|||||||
#
|
#
|
||||||
# domain_auto_trans(source_domain,entrypoint_file,target_domain)
|
# domain_auto_trans(source_domain,entrypoint_file,target_domain)
|
||||||
#
|
#
|
||||||
define(`domain_auto_trans',`
|
interface(`domain_auto_trans',`
|
||||||
domain_trans($1,$2,$3)
|
domain_trans($1,$2,$3)
|
||||||
type_transition $1 $2:process $3;
|
type_transition $1 $2:process $3;
|
||||||
')
|
')
|
||||||
|
@ -20,7 +20,7 @@
|
|||||||
#
|
#
|
||||||
# files_file_type(type)
|
# files_file_type(type)
|
||||||
#
|
#
|
||||||
define(`files_file_type',`
|
interface(`files_file_type',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute file_type;
|
attribute file_type;
|
||||||
')
|
')
|
||||||
@ -34,7 +34,7 @@ define(`files_file_type',`
|
|||||||
#
|
#
|
||||||
# files_lock_file(type)
|
# files_lock_file(type)
|
||||||
#
|
#
|
||||||
define(`files_lock_file',`
|
interface(`files_lock_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute lockfile;
|
attribute lockfile;
|
||||||
')
|
')
|
||||||
@ -47,7 +47,7 @@ define(`files_lock_file',`
|
|||||||
#
|
#
|
||||||
# files_mountpoint(type)
|
# files_mountpoint(type)
|
||||||
#
|
#
|
||||||
define(`files_mountpoint',`
|
interface(`files_mountpoint',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute mountpoint;
|
attribute mountpoint;
|
||||||
')
|
')
|
||||||
@ -60,7 +60,7 @@ define(`files_mountpoint',`
|
|||||||
#
|
#
|
||||||
# files_pid_file(type)
|
# files_pid_file(type)
|
||||||
#
|
#
|
||||||
define(`files_pid_file',`
|
interface(`files_pid_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute pidfile;
|
attribute pidfile;
|
||||||
')
|
')
|
||||||
@ -73,7 +73,7 @@ define(`files_pid_file',`
|
|||||||
#
|
#
|
||||||
# files_tmp_file(type)
|
# files_tmp_file(type)
|
||||||
#
|
#
|
||||||
define(`files_tmp_file',`
|
interface(`files_tmp_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute tmpfile;
|
attribute tmpfile;
|
||||||
')
|
')
|
||||||
@ -93,7 +93,7 @@ define(`files_tmp_file',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`files_tmpfs_file',`
|
interface(`files_tmpfs_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute tmpfsfile;
|
attribute tmpfsfile;
|
||||||
')
|
')
|
||||||
@ -107,7 +107,7 @@ define(`files_tmpfs_file',`
|
|||||||
#
|
#
|
||||||
# files_getattr_all_files(domain)
|
# files_getattr_all_files(domain)
|
||||||
|
|
||||||
define(`files_getattr_all_files',`
|
interface(`files_getattr_all_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute file_type;
|
attribute file_type;
|
||||||
class dir { search getattr };
|
class dir { search getattr };
|
||||||
@ -139,7 +139,7 @@ define(`files_getattr_all_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`files_relabel_all_files',`
|
interface(`files_relabel_all_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute file_type;
|
attribute file_type;
|
||||||
class dir { r_dir_perms relabelfrom relabelto };
|
class dir { r_dir_perms relabelfrom relabelto };
|
||||||
@ -178,7 +178,7 @@ define(`files_relabel_all_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`files_manage_all_files',`
|
interface(`files_manage_all_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute file_type;
|
attribute file_type;
|
||||||
class dir create_dir_perms;
|
class dir create_dir_perms;
|
||||||
@ -203,7 +203,7 @@ define(`files_manage_all_files',`
|
|||||||
#
|
#
|
||||||
# files_search_all_dirs(domain)
|
# files_search_all_dirs(domain)
|
||||||
#
|
#
|
||||||
define(`files_search_all_dirs',`
|
interface(`files_search_all_dirs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute file_type;
|
attribute file_type;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -216,7 +216,7 @@ define(`files_search_all_dirs',`
|
|||||||
#
|
#
|
||||||
# files_list_all_dirs(domain)
|
# files_list_all_dirs(domain)
|
||||||
#
|
#
|
||||||
define(`files_list_all_dirs',`
|
interface(`files_list_all_dirs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute file_type;
|
attribute file_type;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -229,7 +229,7 @@ define(`files_list_all_dirs',`
|
|||||||
#
|
#
|
||||||
# files_dontaudit_search_all_dirs(domain)
|
# files_dontaudit_search_all_dirs(domain)
|
||||||
#
|
#
|
||||||
define(`files_dontaudit_search_all_dirs',`
|
interface(`files_dontaudit_search_all_dirs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute file_type;
|
attribute file_type;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -242,7 +242,7 @@ define(`files_dontaudit_search_all_dirs',`
|
|||||||
#
|
#
|
||||||
# files_relabelto_all_file_type_fs(domain)
|
# files_relabelto_all_file_type_fs(domain)
|
||||||
#
|
#
|
||||||
define(`files_relabelto_all_file_type_fs',`
|
interface(`files_relabelto_all_file_type_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute file_type;
|
attribute file_type;
|
||||||
filesystem relabelto;
|
filesystem relabelto;
|
||||||
@ -255,7 +255,7 @@ define(`files_relabelto_all_file_type_fs',`
|
|||||||
#
|
#
|
||||||
# files_mount_all_file_type_fs(domain)
|
# files_mount_all_file_type_fs(domain)
|
||||||
#
|
#
|
||||||
define(`files_mount_all_file_type_fs',`
|
interface(`files_mount_all_file_type_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute file_type;
|
attribute file_type;
|
||||||
filesystem mount;
|
filesystem mount;
|
||||||
@ -268,7 +268,7 @@ define(`files_mount_all_file_type_fs',`
|
|||||||
#
|
#
|
||||||
# files_unmount_all_file_type_fs(domain)
|
# files_unmount_all_file_type_fs(domain)
|
||||||
#
|
#
|
||||||
define(`files_unmount_all_file_type_fs',`
|
interface(`files_unmount_all_file_type_fs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute file_type;
|
attribute file_type;
|
||||||
filesystem mount;
|
filesystem mount;
|
||||||
@ -281,7 +281,7 @@ define(`files_unmount_all_file_type_fs',`
|
|||||||
#
|
#
|
||||||
# files_mounton_all_mountpoints(domain)
|
# files_mounton_all_mountpoints(domain)
|
||||||
#
|
#
|
||||||
define(`files_mounton_all_mountpoints',`
|
interface(`files_mounton_all_mountpoints',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute mountpoint;
|
attribute mountpoint;
|
||||||
class dir { getattr search mounton };
|
class dir { getattr search mounton };
|
||||||
@ -294,7 +294,7 @@ define(`files_mounton_all_mountpoints',`
|
|||||||
#
|
#
|
||||||
# files_list_root(domain)
|
# files_list_root(domain)
|
||||||
#
|
#
|
||||||
define(`files_list_root',`
|
interface(`files_list_root',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type root_t;
|
type root_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -326,7 +326,7 @@ define(`files_list_root',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`files_create_root',`
|
interface(`files_create_root',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type root_t;
|
type root_t;
|
||||||
class dir create_dir_perms;
|
class dir create_dir_perms;
|
||||||
@ -359,7 +359,7 @@ define(`files_create_root',`
|
|||||||
#
|
#
|
||||||
# files_dontaudit_read_root_file(domain)
|
# files_dontaudit_read_root_file(domain)
|
||||||
#
|
#
|
||||||
define(`files_dontaudit_read_root_file',`
|
interface(`files_dontaudit_read_root_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type root_t;
|
type root_t;
|
||||||
class file read;
|
class file read;
|
||||||
@ -372,7 +372,7 @@ define(`files_dontaudit_read_root_file',`
|
|||||||
#
|
#
|
||||||
# files_dontaudit_rw_root_file(domain)
|
# files_dontaudit_rw_root_file(domain)
|
||||||
#
|
#
|
||||||
define(`files_dontaudit_rw_root_file',`
|
interface(`files_dontaudit_rw_root_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type root_t;
|
type root_t;
|
||||||
class file { read write };
|
class file { read write };
|
||||||
@ -385,7 +385,7 @@ define(`files_dontaudit_rw_root_file',`
|
|||||||
#
|
#
|
||||||
# files_dontaudit_rw_root_chr_dev(domain)
|
# files_dontaudit_rw_root_chr_dev(domain)
|
||||||
#
|
#
|
||||||
define(`files_dontaudit_rw_root_chr_dev',`
|
interface(`files_dontaudit_rw_root_chr_dev',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type root_t;
|
type root_t;
|
||||||
class chr_file { read write };
|
class chr_file { read write };
|
||||||
@ -398,7 +398,7 @@ define(`files_dontaudit_rw_root_chr_dev',`
|
|||||||
#
|
#
|
||||||
# files_delete_root_dir_entry(domain)
|
# files_delete_root_dir_entry(domain)
|
||||||
#
|
#
|
||||||
define(`files_delete_root_dir_entry',`
|
interface(`files_delete_root_dir_entry',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type root_t;
|
type root_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -411,7 +411,7 @@ define(`files_delete_root_dir_entry',`
|
|||||||
#
|
#
|
||||||
# files_unmount_rootfs(domain)
|
# files_unmount_rootfs(domain)
|
||||||
#
|
#
|
||||||
define(`files_unmount_rootfs',`
|
interface(`files_unmount_rootfs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type root_t;
|
type root_t;
|
||||||
class filesystem unmount;
|
class filesystem unmount;
|
||||||
@ -424,7 +424,7 @@ define(`files_unmount_rootfs',`
|
|||||||
#
|
#
|
||||||
# files_search_etc(domain)
|
# files_search_etc(domain)
|
||||||
#
|
#
|
||||||
define(`files_search_etc',`
|
interface(`files_search_etc',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type etc_t;
|
type etc_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -437,7 +437,7 @@ define(`files_search_etc',`
|
|||||||
#
|
#
|
||||||
# files_list_etc(domain)
|
# files_list_etc(domain)
|
||||||
#
|
#
|
||||||
define(`files_list_etc',`
|
interface(`files_list_etc',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type etc_t;
|
type etc_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -450,7 +450,7 @@ define(`files_list_etc',`
|
|||||||
#
|
#
|
||||||
# files_read_generic_etc_files(domain)
|
# files_read_generic_etc_files(domain)
|
||||||
#
|
#
|
||||||
define(`files_read_generic_etc_files',`
|
interface(`files_read_generic_etc_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type etc_t;
|
type etc_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -467,7 +467,7 @@ define(`files_read_generic_etc_files',`
|
|||||||
#
|
#
|
||||||
# files_rw_generic_etc_files(domain)
|
# files_rw_generic_etc_files(domain)
|
||||||
#
|
#
|
||||||
define(`files_rw_generic_etc_files',`
|
interface(`files_rw_generic_etc_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type etc_t;
|
type etc_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -484,7 +484,7 @@ define(`files_rw_generic_etc_files',`
|
|||||||
#
|
#
|
||||||
# files_manage_generic_etc_files(domain)
|
# files_manage_generic_etc_files(domain)
|
||||||
#
|
#
|
||||||
define(`files_manage_generic_etc_files',`
|
interface(`files_manage_generic_etc_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type etc_t;
|
type etc_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -507,7 +507,7 @@ define(`files_manage_generic_etc_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`files_delete_generic_etc_files',`
|
interface(`files_delete_generic_etc_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type etc_t;
|
type etc_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -522,7 +522,7 @@ define(`files_delete_generic_etc_files',`
|
|||||||
#
|
#
|
||||||
# files_exec_generic_etc_files(domain)
|
# files_exec_generic_etc_files(domain)
|
||||||
#
|
#
|
||||||
define(`files_exec_generic_etc_files',`
|
interface(`files_exec_generic_etc_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type etc_t;
|
type etc_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -541,7 +541,7 @@ define(`files_exec_generic_etc_files',`
|
|||||||
#
|
#
|
||||||
# /halt, /.autofsck, etc
|
# /halt, /.autofsck, etc
|
||||||
#
|
#
|
||||||
define(`files_create_boot_flag',`
|
interface(`files_create_boot_flag',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type root_t, etc_runtime_t;
|
type root_t, etc_runtime_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -557,7 +557,7 @@ define(`files_create_boot_flag',`
|
|||||||
#
|
#
|
||||||
# files_manage_etc_runtime_files(type)
|
# files_manage_etc_runtime_files(type)
|
||||||
#
|
#
|
||||||
define(`files_manage_etc_runtime_files',`
|
interface(`files_manage_etc_runtime_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type etc_t, etc_runtime_t;
|
type etc_t, etc_runtime_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -573,7 +573,7 @@ define(`files_manage_etc_runtime_files',`
|
|||||||
#
|
#
|
||||||
# files_read_etc_runtime_files(domain)
|
# files_read_etc_runtime_files(domain)
|
||||||
#
|
#
|
||||||
define(`files_read_etc_runtime_files',`
|
interface(`files_read_etc_runtime_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type etc_t, etc_runtime_t;
|
type etc_t, etc_runtime_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -588,7 +588,7 @@ define(`files_read_etc_runtime_files',`
|
|||||||
#
|
#
|
||||||
# files_create_etc_config(domain,privatetype,[class(es)])
|
# files_create_etc_config(domain,privatetype,[class(es)])
|
||||||
#
|
#
|
||||||
define(`files_create_etc_config',`
|
interface(`files_create_etc_config',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type etc_t;
|
type etc_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -606,7 +606,7 @@ define(`files_create_etc_config',`
|
|||||||
#
|
#
|
||||||
# files_rw_isid_type_dir(domain)
|
# files_rw_isid_type_dir(domain)
|
||||||
#
|
#
|
||||||
define(`files_rw_isid_type_dir',`
|
interface(`files_rw_isid_type_dir',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type file_t;
|
type file_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -619,7 +619,7 @@ define(`files_rw_isid_type_dir',`
|
|||||||
#
|
#
|
||||||
# files_dontaudit_getattr_isid_type_dir(domain)
|
# files_dontaudit_getattr_isid_type_dir(domain)
|
||||||
#
|
#
|
||||||
define(`files_dontaudit_getattr_isid_type_dir',`
|
interface(`files_dontaudit_getattr_isid_type_dir',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type file_t;
|
type file_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -632,7 +632,7 @@ define(`files_dontaudit_getattr_isid_type_dir',`
|
|||||||
#
|
#
|
||||||
# files_dontaudit_search_isid_type_dir(domain)
|
# files_dontaudit_search_isid_type_dir(domain)
|
||||||
#
|
#
|
||||||
define(`files_dontaudit_search_isid_type_dir',`
|
interface(`files_dontaudit_search_isid_type_dir',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type file_t;
|
type file_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -651,7 +651,7 @@ define(`files_dontaudit_search_isid_type_dir',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`files_list_home',`
|
interface(`files_list_home',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type home_root_t;
|
type home_root_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -664,7 +664,7 @@ define(`files_list_home',`
|
|||||||
#
|
#
|
||||||
# files_list_mnt(domain)
|
# files_list_mnt(domain)
|
||||||
#
|
#
|
||||||
define(`files_list_mnt',`
|
interface(`files_list_mnt',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type mnt_t;
|
type mnt_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -677,7 +677,7 @@ define(`files_list_mnt',`
|
|||||||
#
|
#
|
||||||
# files_create_tmp_files(domain,private_type,[object class(es)])
|
# files_create_tmp_files(domain,private_type,[object class(es)])
|
||||||
#
|
#
|
||||||
define(`files_create_tmp_files',`
|
interface(`files_create_tmp_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tmp_t;
|
type tmp_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -696,7 +696,7 @@ define(`files_create_tmp_files',`
|
|||||||
#
|
#
|
||||||
# files_delete_all_tmp_files(domain)
|
# files_delete_all_tmp_files(domain)
|
||||||
#
|
#
|
||||||
define(`files_delete_all_tmp_files',`
|
interface(`files_delete_all_tmp_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute tmpfile;
|
attribute tmpfile;
|
||||||
class dir { getattr search read write add_name remove_name rmdir };
|
class dir { getattr search read write add_name remove_name rmdir };
|
||||||
@ -717,7 +717,7 @@ define(`files_delete_all_tmp_files',`
|
|||||||
#
|
#
|
||||||
# files_search_usr(domain)
|
# files_search_usr(domain)
|
||||||
#
|
#
|
||||||
define(`files_search_usr',`
|
interface(`files_search_usr',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type usr_t;
|
type usr_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -730,7 +730,7 @@ define(`files_search_usr',`
|
|||||||
#
|
#
|
||||||
# files_read_usr_files(domain)
|
# files_read_usr_files(domain)
|
||||||
#
|
#
|
||||||
define(`files_read_usr_files',`
|
interface(`files_read_usr_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type usr_t;
|
type usr_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -752,7 +752,7 @@ define(`files_read_usr_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`files_exec_usr_files',`
|
interface(`files_exec_usr_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type usr_t, src_t;
|
type usr_t, src_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -770,7 +770,7 @@ define(`files_exec_usr_files',`
|
|||||||
#
|
#
|
||||||
# files_read_usr_src(domain)
|
# files_read_usr_src(domain)
|
||||||
#
|
#
|
||||||
define(`files_read_usr_src',`
|
interface(`files_read_usr_src',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type usr_t, src_t;
|
type usr_t, src_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -787,7 +787,7 @@ define(`files_read_usr_src',`
|
|||||||
#
|
#
|
||||||
# files_search_var(domain)
|
# files_search_var(domain)
|
||||||
#
|
#
|
||||||
define(`files_search_var',`
|
interface(`files_search_var',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_t;
|
type var_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -800,7 +800,7 @@ define(`files_search_var',`
|
|||||||
#
|
#
|
||||||
# files_dontaudit_search_var(domain)
|
# files_dontaudit_search_var(domain)
|
||||||
#
|
#
|
||||||
define(`files_dontaudit_search_var',`
|
interface(`files_dontaudit_search_var',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_t;
|
type var_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -819,7 +819,7 @@ define(`files_dontaudit_search_var',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`files_search_var_lib',`
|
interface(`files_search_var_lib',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_t, var_lib_t;
|
type var_t, var_lib_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -832,7 +832,7 @@ define(`files_search_var_lib',`
|
|||||||
#
|
#
|
||||||
# files_manage_urandom_seed(domain)
|
# files_manage_urandom_seed(domain)
|
||||||
#
|
#
|
||||||
define(`files_manage_urandom_seed',`
|
interface(`files_manage_urandom_seed',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_t, var_lib_t;
|
type var_t, var_lib_t;
|
||||||
class dir rw_file_perms;
|
class dir rw_file_perms;
|
||||||
@ -848,7 +848,7 @@ define(`files_manage_urandom_seed',`
|
|||||||
#
|
#
|
||||||
# files_getattr_generic_lock_files(domain)
|
# files_getattr_generic_lock_files(domain)
|
||||||
#
|
#
|
||||||
define(`files_getattr_generic_lock_files',`
|
interface(`files_getattr_generic_lock_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_lock_t;
|
type var_lock_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -863,7 +863,7 @@ define(`files_getattr_generic_lock_files',`
|
|||||||
#
|
#
|
||||||
# files_manage_generic_lock_files(domain)
|
# files_manage_generic_lock_files(domain)
|
||||||
#
|
#
|
||||||
define(`files_manage_generic_lock_files',`
|
interface(`files_manage_generic_lock_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_lock_t;
|
type var_lock_t;
|
||||||
class dir { getattr search create read write setattr add_name remove_name rmdir };
|
class dir { getattr search create read write setattr add_name remove_name rmdir };
|
||||||
@ -878,7 +878,7 @@ define(`files_manage_generic_lock_files',`
|
|||||||
#
|
#
|
||||||
# files_delete_all_lock_files(domain)
|
# files_delete_all_lock_files(domain)
|
||||||
#
|
#
|
||||||
define(`files_delete_all_lock_files',`
|
interface(`files_delete_all_lock_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute lockfile;
|
attribute lockfile;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -893,7 +893,7 @@ define(`files_delete_all_lock_files',`
|
|||||||
#
|
#
|
||||||
# files_create_lock_file(domain,private_type,[object class(es)])
|
# files_create_lock_file(domain,private_type,[object class(es)])
|
||||||
#
|
#
|
||||||
define(`files_create_lock_file',`
|
interface(`files_create_lock_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_t, var_lock_t;
|
type var_t, var_lock_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -913,7 +913,7 @@ define(`files_create_lock_file',`
|
|||||||
#
|
#
|
||||||
# files_search_pids(domain)
|
# files_search_pids(domain)
|
||||||
#
|
#
|
||||||
define(`files_search_pids',`
|
interface(`files_search_pids',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_t, var_run_t;
|
type var_t, var_run_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -927,7 +927,7 @@ define(`files_search_pids',`
|
|||||||
#
|
#
|
||||||
# files_dontaudit_search_pids(domain)
|
# files_dontaudit_search_pids(domain)
|
||||||
#
|
#
|
||||||
define(`files_dontaudit_search_pids',`
|
interface(`files_dontaudit_search_pids',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_run_t;
|
type var_run_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -940,7 +940,7 @@ define(`files_dontaudit_search_pids',`
|
|||||||
#
|
#
|
||||||
# files_list_pids(domain)
|
# files_list_pids(domain)
|
||||||
#
|
#
|
||||||
define(`files_list_pids',`
|
interface(`files_list_pids',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_t, var_run_t;
|
type var_t, var_run_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -954,7 +954,7 @@ define(`files_list_pids',`
|
|||||||
#
|
#
|
||||||
# files_create_pid(domain,pidfile,[object class(es)])
|
# files_create_pid(domain,pidfile,[object class(es)])
|
||||||
#
|
#
|
||||||
define(`files_create_pid',`
|
interface(`files_create_pid',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_t, var_run_t;
|
type var_t, var_run_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -974,7 +974,7 @@ define(`files_create_pid',`
|
|||||||
#
|
#
|
||||||
# files_rw_generic_pids(domain)
|
# files_rw_generic_pids(domain)
|
||||||
#
|
#
|
||||||
define(`files_rw_generic_pids',`
|
interface(`files_rw_generic_pids',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_t, var_run_t;
|
type var_t, var_run_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -996,7 +996,7 @@ define(`files_rw_generic_pids',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`files_dontaudit_write_all_pids',`
|
interface(`files_dontaudit_write_all_pids',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute pidfile;
|
attribute pidfile;
|
||||||
class file write;
|
class file write;
|
||||||
@ -1015,7 +1015,7 @@ define(`files_dontaudit_write_all_pids',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`files_dontaudit_ioctl_all_pids',`
|
interface(`files_dontaudit_ioctl_all_pids',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute pidfile;
|
attribute pidfile;
|
||||||
class file ioctl;
|
class file ioctl;
|
||||||
@ -1028,7 +1028,7 @@ define(`files_dontaudit_ioctl_all_pids',`
|
|||||||
#
|
#
|
||||||
# files_read_all_pids(domain)
|
# files_read_all_pids(domain)
|
||||||
#
|
#
|
||||||
define(`files_read_all_pids',`
|
interface(`files_read_all_pids',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute pidfile;
|
attribute pidfile;
|
||||||
type var_t;
|
type var_t;
|
||||||
@ -1045,7 +1045,7 @@ define(`files_read_all_pids',`
|
|||||||
#
|
#
|
||||||
# files_delete_all_pids(domain)
|
# files_delete_all_pids(domain)
|
||||||
#
|
#
|
||||||
define(`files_delete_all_pids',`
|
interface(`files_delete_all_pids',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute pidfile;
|
attribute pidfile;
|
||||||
type var_t, var_run_t;
|
type var_t, var_run_t;
|
||||||
@ -1067,7 +1067,7 @@ define(`files_delete_all_pids',`
|
|||||||
#
|
#
|
||||||
# files_search_spool(domain)
|
# files_search_spool(domain)
|
||||||
#
|
#
|
||||||
define(`files_search_spool',`
|
interface(`files_search_spool',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_t, var_spool_t;
|
type var_t, var_spool_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -1081,7 +1081,7 @@ define(`files_search_spool',`
|
|||||||
#
|
#
|
||||||
# files_list_spool(domain)
|
# files_list_spool(domain)
|
||||||
#
|
#
|
||||||
define(`files_list_spool',`
|
interface(`files_list_spool',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_t, var_spool_t;
|
type var_t, var_spool_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1095,7 +1095,7 @@ define(`files_list_spool',`
|
|||||||
#
|
#
|
||||||
# files_read_spools(domain)
|
# files_read_spools(domain)
|
||||||
#
|
#
|
||||||
define(`files_read_spools',`
|
interface(`files_read_spools',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_t, var_spool_t;
|
type var_t, var_spool_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -1111,7 +1111,7 @@ define(`files_read_spools',`
|
|||||||
#
|
#
|
||||||
# files_manage_spools(domain)
|
# files_manage_spools(domain)
|
||||||
#
|
#
|
||||||
define(`files_manage_spools',`
|
interface(`files_manage_spools',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_t, var_spool_t;
|
type var_t, var_spool_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`getty_domtrans',`
|
interface(`getty_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type getty_t, getty_exec_t;
|
type getty_t, getty_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -38,7 +38,7 @@ define(`getty_domtrans',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`getty_read_log',`
|
interface(`getty_read_log',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type getty_log_t;
|
type getty_log_t;
|
||||||
class file { getattr read };
|
class file { getattr read };
|
||||||
@ -58,7 +58,7 @@ define(`getty_read_log',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`getty_read_config',`
|
interface(`getty_read_config',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type getty_etc_t;
|
type getty_etc_t;
|
||||||
class file { getattr read };
|
class file { getattr read };
|
||||||
@ -78,7 +78,7 @@ define(`getty_read_config',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`getty_modify_config',`
|
interface(`getty_modify_config',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type getty_etc_t;
|
type getty_etc_t;
|
||||||
class file rw_file_perms;
|
class file rw_file_perms;
|
||||||
|
@ -12,7 +12,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`hostname_domtrans',`
|
interface(`hostname_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type hostname_t, hostname_exec_t;
|
type hostname_t, hostname_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -47,7 +47,7 @@ define(`hostname_domtrans',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`hostname_run',`
|
interface(`hostname_run',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type hostname_t;
|
type hostname_t;
|
||||||
class chr_file { getattr read write ioctl };
|
class chr_file { getattr read write ioctl };
|
||||||
@ -69,7 +69,7 @@ define(`hostname_run',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`hostname_exec',`
|
interface(`hostname_exec',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type hostname_exec_t;
|
type hostname_exec_t;
|
||||||
')
|
')
|
||||||
|
@ -8,7 +8,7 @@
|
|||||||
#
|
#
|
||||||
# hotplug_domtrans(domain)
|
# hotplug_domtrans(domain)
|
||||||
#
|
#
|
||||||
define(`hotplug_domtrans',`
|
interface(`hotplug_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type hotplug_t, hotplug_exec_t;
|
type hotplug_t, hotplug_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -29,7 +29,7 @@ define(`hotplug_domtrans',`
|
|||||||
#
|
#
|
||||||
# hotplug_exec(domain)
|
# hotplug_exec(domain)
|
||||||
#
|
#
|
||||||
define(`hotplug_exec',`
|
interface(`hotplug_exec',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type hotplug_t;
|
type hotplug_t;
|
||||||
')
|
')
|
||||||
@ -42,7 +42,7 @@ define(`hotplug_exec',`
|
|||||||
#
|
#
|
||||||
# hotplug_use_fd(domain)
|
# hotplug_use_fd(domain)
|
||||||
#
|
#
|
||||||
define(`hotplug_use_fd',`
|
interface(`hotplug_use_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type hotplug_t;
|
type hotplug_t;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -55,7 +55,7 @@ define(`hotplug_use_fd',`
|
|||||||
#
|
#
|
||||||
# hotplug_dontaudit_use_fd(domain)
|
# hotplug_dontaudit_use_fd(domain)
|
||||||
#
|
#
|
||||||
define(`hotplug_dontaudit_use_fd',`
|
interface(`hotplug_dontaudit_use_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type hotplug_t;
|
type hotplug_t;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -68,7 +68,7 @@ define(`hotplug_dontaudit_use_fd',`
|
|||||||
#
|
#
|
||||||
# hotplug_dontaudit_search_config(domain)
|
# hotplug_dontaudit_search_config(domain)
|
||||||
#
|
#
|
||||||
define(`hotplug_dontaudit_search_config',`
|
interface(`hotplug_dontaudit_search_config',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type hotplug_etc_t;
|
type hotplug_etc_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -87,7 +87,7 @@ define(`hotplug_dontaudit_search_config',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`hotplug_read_config',`
|
interface(`hotplug_read_config',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type hotplug_etc_t;
|
type hotplug_etc_t;
|
||||||
class file r_file_perms;
|
class file r_file_perms;
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
#
|
#
|
||||||
# init_domain(domain,entrypointfile)
|
# init_domain(domain,entrypointfile)
|
||||||
#
|
#
|
||||||
define(`init_domain',`
|
interface(`init_domain',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type init_t;
|
type init_t;
|
||||||
role system_r;
|
role system_r;
|
||||||
@ -38,7 +38,7 @@ define(`init_domain',`
|
|||||||
#
|
#
|
||||||
# init_daemon_domain(domain,entrypointfile)
|
# init_daemon_domain(domain,entrypointfile)
|
||||||
#
|
#
|
||||||
define(`init_daemon_domain',`
|
interface(`init_daemon_domain',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initrc_t;
|
type initrc_t;
|
||||||
role system_r;
|
role system_r;
|
||||||
@ -71,7 +71,7 @@ define(`init_daemon_domain',`
|
|||||||
#
|
#
|
||||||
# init_system_domain(domain,entrypointfile)
|
# init_system_domain(domain,entrypointfile)
|
||||||
#
|
#
|
||||||
define(`init_system_domain',`
|
interface(`init_system_domain',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initrc_t;
|
type initrc_t;
|
||||||
role system_r;
|
role system_r;
|
||||||
@ -104,7 +104,7 @@ define(`init_system_domain',`
|
|||||||
#
|
#
|
||||||
# init_domtrans(domain)
|
# init_domtrans(domain)
|
||||||
#
|
#
|
||||||
define(`init_domtrans',`
|
interface(`init_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type init_t, init_exec_t;
|
type init_t, init_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -124,7 +124,7 @@ define(`init_domtrans',`
|
|||||||
#
|
#
|
||||||
# init_get_process_group(domain)
|
# init_get_process_group(domain)
|
||||||
#
|
#
|
||||||
define(`init_get_process_group',`
|
interface(`init_get_process_group',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type init_t;
|
type init_t;
|
||||||
class process getpgid;
|
class process getpgid;
|
||||||
@ -137,7 +137,7 @@ define(`init_get_process_group',`
|
|||||||
#
|
#
|
||||||
# init_getattr_initctl(domain)
|
# init_getattr_initctl(domain)
|
||||||
#
|
#
|
||||||
define(`init_getattr_initctl',`
|
interface(`init_getattr_initctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initctl_t;
|
type initctl_t;
|
||||||
class fifo_file getattr;
|
class fifo_file getattr;
|
||||||
@ -150,7 +150,7 @@ define(`init_getattr_initctl',`
|
|||||||
#
|
#
|
||||||
# init_dontaudit_getattr_initctl(domain)
|
# init_dontaudit_getattr_initctl(domain)
|
||||||
#
|
#
|
||||||
define(`init_dontaudit_getattr_initctl',`
|
interface(`init_dontaudit_getattr_initctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initctl_t;
|
type initctl_t;
|
||||||
class fifo_file getattr;
|
class fifo_file getattr;
|
||||||
@ -163,7 +163,7 @@ define(`init_dontaudit_getattr_initctl',`
|
|||||||
#
|
#
|
||||||
# init_use_initctl(domain)
|
# init_use_initctl(domain)
|
||||||
#
|
#
|
||||||
define(`init_use_initctl',`
|
interface(`init_use_initctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initctl_t;
|
type initctl_t;
|
||||||
class fifo_file rw_file_perms;
|
class fifo_file rw_file_perms;
|
||||||
@ -177,7 +177,7 @@ define(`init_use_initctl',`
|
|||||||
#
|
#
|
||||||
# init_dontaudit_use_initctl(domain)
|
# init_dontaudit_use_initctl(domain)
|
||||||
#
|
#
|
||||||
define(`init_dontaudit_use_initctl',`
|
interface(`init_dontaudit_use_initctl',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initctl_t;
|
type initctl_t;
|
||||||
class fifo_file { read write };
|
class fifo_file { read write };
|
||||||
@ -190,7 +190,7 @@ define(`init_dontaudit_use_initctl',`
|
|||||||
#
|
#
|
||||||
# init_sigchld(domain)
|
# init_sigchld(domain)
|
||||||
#
|
#
|
||||||
define(`init_sigchld',`
|
interface(`init_sigchld',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type init_t;
|
type init_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -203,7 +203,7 @@ define(`init_sigchld',`
|
|||||||
#
|
#
|
||||||
# init_use_fd(domain)
|
# init_use_fd(domain)
|
||||||
#
|
#
|
||||||
define(`init_use_fd',`
|
interface(`init_use_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type init_t;
|
type init_t;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -216,7 +216,7 @@ define(`init_use_fd',`
|
|||||||
#
|
#
|
||||||
# init_dontaudit_use_fd(domain)
|
# init_dontaudit_use_fd(domain)
|
||||||
#
|
#
|
||||||
define(`init_dontaudit_use_fd',`
|
interface(`init_dontaudit_use_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type init_t;
|
type init_t;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -229,7 +229,7 @@ define(`init_dontaudit_use_fd',`
|
|||||||
#
|
#
|
||||||
# init_domtrans_script(domain)
|
# init_domtrans_script(domain)
|
||||||
#
|
#
|
||||||
define(`init_domtrans_script',`
|
interface(`init_domtrans_script',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initrc_t, initrc_exec_t;
|
type initrc_t, initrc_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -250,7 +250,7 @@ define(`init_domtrans_script',`
|
|||||||
#
|
#
|
||||||
# init_exec_script(domain)
|
# init_exec_script(domain)
|
||||||
#
|
#
|
||||||
define(`init_exec_script',`
|
interface(`init_exec_script',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initrc_exec_t;
|
type initrc_exec_t;
|
||||||
')
|
')
|
||||||
@ -269,7 +269,7 @@ define(`init_exec_script',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`init_read_script_process_state',`
|
interface(`init_read_script_process_state',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initrc_t;
|
type initrc_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -294,7 +294,7 @@ define(`init_read_script_process_state',`
|
|||||||
#
|
#
|
||||||
# init_use_script_fd(domain)
|
# init_use_script_fd(domain)
|
||||||
#
|
#
|
||||||
define(`init_use_script_fd',`
|
interface(`init_use_script_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initrc_t;
|
type initrc_t;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -307,7 +307,7 @@ define(`init_use_script_fd',`
|
|||||||
#
|
#
|
||||||
# init_dontaudit_use_script_fd(domain)
|
# init_dontaudit_use_script_fd(domain)
|
||||||
#
|
#
|
||||||
define(`init_dontaudit_use_script_fd',`
|
interface(`init_dontaudit_use_script_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initrc_t;
|
type initrc_t;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -320,7 +320,7 @@ define(`init_dontaudit_use_script_fd',`
|
|||||||
#
|
#
|
||||||
# init_get_script_process_group(domain)
|
# init_get_script_process_group(domain)
|
||||||
#
|
#
|
||||||
define(`init_get_script_process_group',`
|
interface(`init_get_script_process_group',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initrc_t;
|
type initrc_t;
|
||||||
class process getpgid;
|
class process getpgid;
|
||||||
@ -339,7 +339,7 @@ define(`init_get_script_process_group',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`init_rw_script_pipe',`
|
interface(`init_rw_script_pipe',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initrc_t;
|
type initrc_t;
|
||||||
class chr_file { read write };
|
class chr_file { read write };
|
||||||
@ -352,7 +352,7 @@ define(`init_rw_script_pipe',`
|
|||||||
#
|
#
|
||||||
# init_use_script_pty(domain)
|
# init_use_script_pty(domain)
|
||||||
#
|
#
|
||||||
define(`init_use_script_pty',`
|
interface(`init_use_script_pty',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initrc_devpts_t;
|
type initrc_devpts_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -366,7 +366,7 @@ define(`init_use_script_pty',`
|
|||||||
#
|
#
|
||||||
# init_dontaudit_use_script_pty(domain)
|
# init_dontaudit_use_script_pty(domain)
|
||||||
#
|
#
|
||||||
define(`init_dontaudit_use_script_pty',`
|
interface(`init_dontaudit_use_script_pty',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initrc_devpts_t;
|
type initrc_devpts_t;
|
||||||
class chr_file { read write ioctl };
|
class chr_file { read write ioctl };
|
||||||
@ -385,7 +385,7 @@ define(`init_dontaudit_use_script_pty',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`init_rw_script_tmp_files',`
|
interface(`init_rw_script_tmp_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initrc_var_run_t;
|
type initrc_var_run_t;
|
||||||
class file rw_file_perms;
|
class file rw_file_perms;
|
||||||
@ -399,7 +399,7 @@ define(`init_rw_script_tmp_files',`
|
|||||||
#
|
#
|
||||||
# init_read_script_pid(domain)
|
# init_read_script_pid(domain)
|
||||||
#
|
#
|
||||||
define(`init_read_script_pid',`
|
interface(`init_read_script_pid',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initrc_var_run_t;
|
type initrc_var_run_t;
|
||||||
class file r_file_perms;
|
class file r_file_perms;
|
||||||
@ -413,7 +413,7 @@ define(`init_read_script_pid',`
|
|||||||
#
|
#
|
||||||
# init_dontaudit_write_script_pid(domain)
|
# init_dontaudit_write_script_pid(domain)
|
||||||
#
|
#
|
||||||
define(`init_dontaudit_write_script_pid',`
|
interface(`init_dontaudit_write_script_pid',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initrc_var_run_t;
|
type initrc_var_run_t;
|
||||||
class file { write lock };
|
class file { write lock };
|
||||||
@ -426,7 +426,7 @@ define(`init_dontaudit_write_script_pid',`
|
|||||||
#
|
#
|
||||||
# init_rw_script_pid(domain)
|
# init_rw_script_pid(domain)
|
||||||
#
|
#
|
||||||
define(`init_rw_script_pid',`
|
interface(`init_rw_script_pid',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initrc_var_run_t;
|
type initrc_var_run_t;
|
||||||
class file rw_file_perms;
|
class file rw_file_perms;
|
||||||
@ -440,7 +440,7 @@ define(`init_rw_script_pid',`
|
|||||||
#
|
#
|
||||||
# init_dontaudit_rw_script_pid(domain)
|
# init_dontaudit_rw_script_pid(domain)
|
||||||
#
|
#
|
||||||
define(`init_dontaudit_rw_script_pid',`
|
interface(`init_dontaudit_rw_script_pid',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type initrc_var_run_t;
|
type initrc_var_run_t;
|
||||||
class file rw_file_perms;
|
class file rw_file_perms;
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`iptables_domtrans',`
|
interface(`iptables_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type iptables_t, iptables_exec_t;
|
type iptables_t, iptables_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -45,7 +45,7 @@ define(`iptables_domtrans',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`iptables_run',`
|
interface(`iptables_run',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type iptables_t;
|
type iptables_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -66,7 +66,7 @@ define(`iptables_run',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`iptables_exec',`
|
interface(`iptables_exec',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type iptables_exec_t;
|
type iptables_exec_t;
|
||||||
')
|
')
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`libs_domtrans_ldconfig',`
|
interface(`libs_domtrans_ldconfig',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type ldconfig_t, ldconfig_exec_t;
|
type ldconfig_t, ldconfig_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -44,7 +44,7 @@ define(`libs_domtrans_ldconfig',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`libs_run_ldconfig',`
|
interface(`libs_run_ldconfig',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type ldconfig_t;
|
type ldconfig_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -66,7 +66,7 @@ define(`libs_run_ldconfig',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`libs_use_ld_so',`
|
interface(`libs_use_ld_so',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type lib_t, ld_so_t, ld_so_cache_t;
|
type lib_t, ld_so_t, ld_so_cache_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -93,7 +93,7 @@ define(`libs_use_ld_so',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`libs_legacy_use_ld_so',`
|
interface(`libs_legacy_use_ld_so',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type ld_so_t, ld_so_cache_t;
|
type ld_so_t, ld_so_cache_t;
|
||||||
class file { execute execmod };
|
class file { execute execmod };
|
||||||
@ -119,7 +119,7 @@ define(`libs_legacy_use_ld_so',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`libs_exec_ld_so',`
|
interface(`libs_exec_ld_so',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type lib_t, ld_so_t;
|
type lib_t, ld_so_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -143,7 +143,7 @@ define(`libs_exec_ld_so',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`libs_rw_ld_so_cache',`
|
interface(`libs_rw_ld_so_cache',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type ld_so_cache_t;
|
type ld_so_cache_t;
|
||||||
class file rw_file_perms;
|
class file rw_file_perms;
|
||||||
@ -163,7 +163,7 @@ define(`libs_rw_ld_so_cache',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`libs_search_lib',`
|
interface(`libs_search_lib',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type lib_t;
|
type lib_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -183,7 +183,7 @@ define(`libs_search_lib',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`libs_read_lib',`
|
interface(`libs_read_lib',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type lib_t;
|
type lib_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -206,7 +206,7 @@ define(`libs_read_lib',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`libs_exec_lib_files',`
|
interface(`libs_exec_lib_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type lib_t;
|
type lib_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -229,7 +229,7 @@ define(`libs_exec_lib_files',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`libs_use_shared_libs',`
|
interface(`libs_use_shared_libs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type lib_t, shlib_t, texrel_shlib_t;
|
type lib_t, shlib_t, texrel_shlib_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -255,7 +255,7 @@ define(`libs_use_shared_libs',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`libs_legacy_use_shared_libs',`
|
interface(`libs_legacy_use_shared_libs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type shlib_t, texrel_shlib_t;
|
type shlib_t, texrel_shlib_t;
|
||||||
class file execmod;
|
class file execmod;
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`locallogin_domtrans',`
|
interface(`locallogin_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type local_login_t;
|
type local_login_t;
|
||||||
')
|
')
|
||||||
@ -29,7 +29,7 @@ define(`locallogin_domtrans',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`locallogin_use_fd',`
|
interface(`locallogin_use_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type local_login_t;
|
type local_login_t;
|
||||||
class fd use;
|
class fd use;
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
#
|
#
|
||||||
# logging_log_file(domain)
|
# logging_log_file(domain)
|
||||||
#
|
#
|
||||||
define(`logging_log_file',`
|
interface(`logging_log_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute logfile;
|
attribute logfile;
|
||||||
')
|
')
|
||||||
@ -18,7 +18,7 @@ define(`logging_log_file',`
|
|||||||
#
|
#
|
||||||
# logging_create_log(domain,privatetype,[class(es)])
|
# logging_create_log(domain,privatetype,[class(es)])
|
||||||
#
|
#
|
||||||
define(`logging_create_log',`
|
interface(`logging_create_log',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_log_t;
|
type var_log_t;
|
||||||
class dir rw_dir_perms;
|
class dir rw_dir_perms;
|
||||||
@ -37,7 +37,7 @@ define(`logging_create_log',`
|
|||||||
#
|
#
|
||||||
# logging_send_syslog_msg(domain)
|
# logging_send_syslog_msg(domain)
|
||||||
#
|
#
|
||||||
define(`logging_send_syslog_msg',`
|
interface(`logging_send_syslog_msg',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type syslogd_t, devlog_t;
|
type syslogd_t, devlog_t;
|
||||||
class lnk_file read;
|
class lnk_file read;
|
||||||
@ -71,7 +71,7 @@ define(`logging_send_syslog_msg',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`logging_search_logs',`
|
interface(`logging_search_logs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_log_t;
|
type var_log_t;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -85,7 +85,7 @@ define(`logging_search_logs',`
|
|||||||
#
|
#
|
||||||
# logging_dontaudit_getattr_all_logs(domain)
|
# logging_dontaudit_getattr_all_logs(domain)
|
||||||
#
|
#
|
||||||
define(`logging_dontaudit_getattr_all_logs',`
|
interface(`logging_dontaudit_getattr_all_logs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute logfile;
|
attribute logfile;
|
||||||
class file getattr;
|
class file getattr;
|
||||||
@ -98,7 +98,7 @@ define(`logging_dontaudit_getattr_all_logs',`
|
|||||||
#
|
#
|
||||||
# logging_append_all_logs(domain)
|
# logging_append_all_logs(domain)
|
||||||
#
|
#
|
||||||
define(`logging_append_all_logs',`
|
interface(`logging_append_all_logs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute logfile;
|
attribute logfile;
|
||||||
type var_log_t;
|
type var_log_t;
|
||||||
@ -115,7 +115,7 @@ define(`logging_append_all_logs',`
|
|||||||
#
|
#
|
||||||
# logging_read_all_logs(domain)
|
# logging_read_all_logs(domain)
|
||||||
#
|
#
|
||||||
define(`logging_read_all_logs',`
|
interface(`logging_read_all_logs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute logfile;
|
attribute logfile;
|
||||||
type var_log_t;
|
type var_log_t;
|
||||||
@ -132,7 +132,7 @@ define(`logging_read_all_logs',`
|
|||||||
#
|
#
|
||||||
# logging_read_generic_logs(domain)
|
# logging_read_generic_logs(domain)
|
||||||
#
|
#
|
||||||
define(`logging_read_generic_logs',`
|
interface(`logging_read_generic_logs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_log_t;
|
type var_log_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -148,7 +148,7 @@ define(`logging_read_generic_logs',`
|
|||||||
#
|
#
|
||||||
# logging_write_generic_logs(domain)
|
# logging_write_generic_logs(domain)
|
||||||
#
|
#
|
||||||
define(`logging_write_generic_logs',`
|
interface(`logging_write_generic_logs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_log_t;
|
type var_log_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -164,7 +164,7 @@ define(`logging_write_generic_logs',`
|
|||||||
#
|
#
|
||||||
# logging_rw_generic_logs(domain)
|
# logging_rw_generic_logs(domain)
|
||||||
#
|
#
|
||||||
define(`logging_rw_generic_logs',`
|
interface(`logging_rw_generic_logs',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type var_log_t;
|
type var_log_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`lvm_domtrans',`
|
interface(`lvm_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type lvm_t, lvm_exec_t;
|
type lvm_t, lvm_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -44,7 +44,7 @@ define(`lvm_domtrans',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`lvm_run',`
|
interface(`lvm_run',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type lvm_t;
|
type lvm_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -65,7 +65,7 @@ define(`lvm_run',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`lvm_read_config',`
|
interface(`lvm_read_config',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type lvm_t, lvm_exec_t;
|
type lvm_t, lvm_exec_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
|
@ -12,7 +12,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`miscfiles_rw_man_cache',`
|
interface(`miscfiles_rw_man_cache',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type catman_t;
|
type catman_t;
|
||||||
class dir create_dir_perms;
|
class dir create_dir_perms;
|
||||||
@ -34,7 +34,7 @@ define(`miscfiles_rw_man_cache',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`miscfiles_read_fonts',`
|
interface(`miscfiles_read_fonts',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type fonts_t;
|
type fonts_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -59,7 +59,7 @@ define(`miscfiles_read_fonts',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`miscfiles_read_localization',`
|
interface(`miscfiles_read_localization',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type locale_t;
|
type locale_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -88,7 +88,7 @@ define(`miscfiles_read_localization',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`miscfiles_legacy_read_localization',`
|
interface(`miscfiles_legacy_read_localization',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type locale_t;
|
type locale_t;
|
||||||
class file execute;
|
class file execute;
|
||||||
@ -108,7 +108,7 @@ define(`miscfiles_legacy_read_localization',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`miscfiles_read_man_pages',`
|
interface(`miscfiles_read_man_pages',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type man_t;
|
type man_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`modutils_read_kernel_module_dependencies',`
|
interface(`modutils_read_kernel_module_dependencies',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type modules_dep_t;
|
type modules_dep_t;
|
||||||
class file r_file_perms;
|
class file r_file_perms;
|
||||||
@ -32,7 +32,7 @@ define(`modutils_read_kernel_module_dependencies',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`modutils_read_module_conf',`
|
interface(`modutils_read_module_conf',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type modules_conf_t;
|
type modules_conf_t;
|
||||||
class file r_file_perms;
|
class file r_file_perms;
|
||||||
@ -56,7 +56,7 @@ define(`modutils_read_module_conf',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`modutils_domtrans_insmod',`
|
interface(`modutils_domtrans_insmod',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type insmod_t, insmod_exec_t;
|
type insmod_t, insmod_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -92,7 +92,7 @@ define(`modutils_domtrans_insmod',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`modutils_run_insmod',`
|
interface(`modutils_run_insmod',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type insmod_t;
|
type insmod_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -107,7 +107,7 @@ define(`modutils_run_insmod',`
|
|||||||
#
|
#
|
||||||
# modutils_exec_insmod(domain)
|
# modutils_exec_insmod(domain)
|
||||||
#
|
#
|
||||||
define(`modutils_exec_insmod',`
|
interface(`modutils_exec_insmod',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type insmod_t;
|
type insmod_t;
|
||||||
')
|
')
|
||||||
@ -126,7 +126,7 @@ define(`modutils_exec_insmod',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`modutils_domtrans_depmod',`
|
interface(`modutils_domtrans_depmod',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type depmod_t, depmod_exec_t;
|
type depmod_t, depmod_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -159,7 +159,7 @@ define(`modutils_domtrans_depmod',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`modutils_run_depmod',`
|
interface(`modutils_run_depmod',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type depmod_t;
|
type depmod_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -174,7 +174,7 @@ define(`modutils_run_depmod',`
|
|||||||
#
|
#
|
||||||
# modutils_exec_depmod(domain)
|
# modutils_exec_depmod(domain)
|
||||||
#
|
#
|
||||||
define(`modutils_exec_depmod',`
|
interface(`modutils_exec_depmod',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type depmod_t;
|
type depmod_t;
|
||||||
')
|
')
|
||||||
@ -193,7 +193,7 @@ define(`modutils_exec_depmod',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`modutils_domtrans_update_mods',`
|
interface(`modutils_domtrans_update_mods',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type update_modules_t, update_modules_exec_t;
|
type update_modules_t, update_modules_exec_t;
|
||||||
class process signal;
|
class process signal;
|
||||||
@ -226,7 +226,7 @@ define(`modutils_domtrans_update_mods',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`modutils_run_update_mods',`
|
interface(`modutils_run_update_mods',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type update_modules_t;
|
type update_modules_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -241,7 +241,7 @@ define(`modutils_run_update_mods',`
|
|||||||
#
|
#
|
||||||
# modutils_exec_update_mods(domain)
|
# modutils_exec_update_mods(domain)
|
||||||
#
|
#
|
||||||
define(`modutils_exec_update_mods',`
|
interface(`modutils_exec_update_mods',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type update_modules_t;
|
type update_modules_t;
|
||||||
')
|
')
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`mount_domtrans',`
|
interface(`mount_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type mount_t, mount_exec_t;
|
type mount_t, mount_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -45,7 +45,7 @@ define(`mount_domtrans',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`mount_run',`
|
interface(`mount_run',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type mount_t;
|
type mount_t;
|
||||||
class chr_file rw_file_perms;
|
class chr_file rw_file_perms;
|
||||||
@ -66,7 +66,7 @@ define(`mount_run',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`mount_use_fd',`
|
interface(`mount_use_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type mount_t;
|
type mount_t;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -86,7 +86,7 @@ define(`mount_use_fd',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`mount_send_nfs_client_request',`
|
interface(`mount_send_nfs_client_request',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type mount_t;
|
type mount_t;
|
||||||
class udp_socket rw_socket_perms;
|
class udp_socket rw_socket_perms;
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`seutil_domtrans_checkpol',`
|
interface(`seutil_domtrans_checkpol',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type checkpolicy_t, checkpolicy_exec_t;
|
type checkpolicy_t, checkpolicy_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -48,7 +48,7 @@ define(`seutil_domtrans_checkpol',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`seutil_run_checkpol',`
|
interface(`seutil_run_checkpol',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type checkpolicy_t;
|
type checkpolicy_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -63,7 +63,7 @@ define(`seutil_run_checkpol',`
|
|||||||
#
|
#
|
||||||
# seutil_exec_checkpol(domain)
|
# seutil_exec_checkpol(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_exec_checkpol',`
|
interface(`seutil_exec_checkpol',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type checkpolicy_exec_t;
|
type checkpolicy_exec_t;
|
||||||
')
|
')
|
||||||
@ -83,7 +83,7 @@ define(`seutil_exec_checkpol',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`seutil_domtrans_loadpol',`
|
interface(`seutil_domtrans_loadpol',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type load_policy_t, load_policy_exec_t;
|
type load_policy_t, load_policy_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -119,7 +119,7 @@ define(`seutil_domtrans_loadpol',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`seutil_run_loadpol',`
|
interface(`seutil_run_loadpol',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type load_policy_t;
|
type load_policy_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -134,7 +134,7 @@ define(`seutil_run_loadpol',`
|
|||||||
#
|
#
|
||||||
# seutil_exec_loadpol(domain)
|
# seutil_exec_loadpol(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_exec_loadpol',`
|
interface(`seutil_exec_loadpol',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type load_policy_exec_t;
|
type load_policy_exec_t;
|
||||||
')
|
')
|
||||||
@ -147,7 +147,7 @@ define(`seutil_exec_loadpol',`
|
|||||||
#
|
#
|
||||||
# seutil_read_loadpol(domain)
|
# seutil_read_loadpol(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_read_loadpol',`
|
interface(`seutil_read_loadpol',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type load_policy_exec_t;
|
type load_policy_exec_t;
|
||||||
class file r_file_perms
|
class file r_file_perms
|
||||||
@ -167,7 +167,7 @@ define(`seutil_read_loadpol',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`seutil_domtrans_newrole',`
|
interface(`seutil_domtrans_newrole',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type newrole_t, newrole_exec_t;
|
type newrole_t, newrole_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -203,7 +203,7 @@ define(`seutil_domtrans_newrole',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`seutil_run_newrole',`
|
interface(`seutil_run_newrole',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type newrole_t;
|
type newrole_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -218,7 +218,7 @@ define(`seutil_run_newrole',`
|
|||||||
#
|
#
|
||||||
# seutil_exec_newrole(domain)
|
# seutil_exec_newrole(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_exec_newrole',`
|
interface(`seutil_exec_newrole',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type newrole_t, newrole_exec_t;
|
type newrole_t, newrole_exec_t;
|
||||||
')
|
')
|
||||||
@ -239,7 +239,7 @@ define(`seutil_exec_newrole',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`seutil_dontaudit_newrole_signal',`
|
interface(`seutil_dontaudit_newrole_signal',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type newrole_t;
|
type newrole_t;
|
||||||
class process signal;
|
class process signal;
|
||||||
@ -252,7 +252,7 @@ define(`seutil_dontaudit_newrole_signal',`
|
|||||||
#
|
#
|
||||||
# seutil_newrole_sigchld(domain)
|
# seutil_newrole_sigchld(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_newrole_sigchld',`
|
interface(`seutil_newrole_sigchld',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type newrole_t;
|
type newrole_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -265,7 +265,7 @@ define(`seutil_newrole_sigchld',`
|
|||||||
#
|
#
|
||||||
# seutil_use_newrole_fd(domain)
|
# seutil_use_newrole_fd(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_use_newrole_fd',`
|
interface(`seutil_use_newrole_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type newrole_t;
|
type newrole_t;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -284,7 +284,7 @@ define(`seutil_use_newrole_fd',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`seutil_domtrans_restorecon',`
|
interface(`seutil_domtrans_restorecon',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type restorecon_t, restorecon_exec_t;
|
type restorecon_t, restorecon_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -319,7 +319,7 @@ define(`seutil_domtrans_restorecon',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`seutil_run_restorecon',`
|
interface(`seutil_run_restorecon',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type restorecon_t;
|
type restorecon_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -334,7 +334,7 @@ define(`seutil_run_restorecon',`
|
|||||||
#
|
#
|
||||||
# seutil_exec_restorecon(domain)
|
# seutil_exec_restorecon(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_exec_restorecon',`
|
interface(`seutil_exec_restorecon',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type restorecon_t, restorecon_exec_t;
|
type restorecon_t, restorecon_exec_t;
|
||||||
')
|
')
|
||||||
@ -353,7 +353,7 @@ define(`seutil_exec_restorecon',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`seutil_domtrans_runinit',`
|
interface(`seutil_domtrans_runinit',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type run_init_t, run_init_exec_t;
|
type run_init_t, run_init_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -389,7 +389,7 @@ define(`seutil_domtrans_runinit',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`seutil_run_runinit',`
|
interface(`seutil_run_runinit',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type run_init_t;
|
type run_init_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -404,7 +404,7 @@ define(`seutil_run_runinit',`
|
|||||||
#
|
#
|
||||||
# seutil_use_runinit_fd(domain)
|
# seutil_use_runinit_fd(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_use_runinit_fd',`
|
interface(`seutil_use_runinit_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type run_init_t;
|
type run_init_t;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -423,7 +423,7 @@ define(`seutil_use_runinit_fd',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`seutil_domtrans_setfiles',`
|
interface(`seutil_domtrans_setfiles',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type setfiles_t, setfiles_exec_t;
|
type setfiles_t, setfiles_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -459,7 +459,7 @@ define(`seutil_domtrans_setfiles',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`seutil_run_setfiles',`
|
interface(`seutil_run_setfiles',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type setfiles_t;
|
type setfiles_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -474,7 +474,7 @@ define(`seutil_run_setfiles',`
|
|||||||
#
|
#
|
||||||
# seutil_exec_setfiles(domain)
|
# seutil_exec_setfiles(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_exec_setfiles',`
|
interface(`seutil_exec_setfiles',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type setfiles_exec_t;
|
type setfiles_exec_t;
|
||||||
')
|
')
|
||||||
@ -488,7 +488,7 @@ define(`seutil_exec_setfiles',`
|
|||||||
#
|
#
|
||||||
# seutil_read_config(domain)
|
# seutil_read_config(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_read_config',`
|
interface(`seutil_read_config',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type selinux_config_t;
|
type selinux_config_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -504,7 +504,7 @@ define(`seutil_read_config',`
|
|||||||
#
|
#
|
||||||
# seutil_read_default_contexts(domain)
|
# seutil_read_default_contexts(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_read_default_contexts',`
|
interface(`seutil_read_default_contexts',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type selinux_config_t, default_context_t;
|
type selinux_config_t, default_context_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -521,7 +521,7 @@ define(`seutil_read_default_contexts',`
|
|||||||
#
|
#
|
||||||
# seutil_read_file_contexts(domain)
|
# seutil_read_file_contexts(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_read_file_contexts',`
|
interface(`seutil_read_file_contexts',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type selinux_config_t, file_context_t;
|
type selinux_config_t, file_context_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -538,7 +538,7 @@ define(`seutil_read_file_contexts',`
|
|||||||
#
|
#
|
||||||
# seutil_read_binary_pol(domain)
|
# seutil_read_binary_pol(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_read_binary_pol',`
|
interface(`seutil_read_binary_pol',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type selinux_config_t, policy_config_t;
|
type selinux_config_t, policy_config_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -555,7 +555,7 @@ define(`seutil_read_binary_pol',`
|
|||||||
#
|
#
|
||||||
# seutil_create_binary_pol(domain)
|
# seutil_create_binary_pol(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_create_binary_pol',`
|
interface(`seutil_create_binary_pol',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute can_write_binary_policy;
|
attribute can_write_binary_policy;
|
||||||
type selinux_config_t, policy_config_t;
|
type selinux_config_t, policy_config_t;
|
||||||
@ -580,7 +580,7 @@ define(`seutil_create_binary_pol',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`seutil_relabelto_binary_pol',`
|
interface(`seutil_relabelto_binary_pol',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute can_relabelto_binary_policy;
|
attribute can_relabelto_binary_policy;
|
||||||
type policy_config_t;
|
type policy_config_t;
|
||||||
@ -595,7 +595,7 @@ define(`seutil_relabelto_binary_pol',`
|
|||||||
#
|
#
|
||||||
# seutil_manage_binary_pol(domain)
|
# seutil_manage_binary_pol(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_manage_binary_pol',`
|
interface(`seutil_manage_binary_pol',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute can_write_binary_policy;
|
attribute can_write_binary_policy;
|
||||||
type selinux_config_t, policy_config_t;
|
type selinux_config_t, policy_config_t;
|
||||||
@ -614,7 +614,7 @@ define(`seutil_manage_binary_pol',`
|
|||||||
#
|
#
|
||||||
# seutil_read_src_pol(domain)
|
# seutil_read_src_pol(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_read_src_pol',`
|
interface(`seutil_read_src_pol',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type selinux_config_t, policy_src_t;
|
type selinux_config_t, policy_src_t;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -631,7 +631,7 @@ define(`seutil_read_src_pol',`
|
|||||||
#
|
#
|
||||||
# seutil_manage_src_pol(domain)
|
# seutil_manage_src_pol(domain)
|
||||||
#
|
#
|
||||||
define(`seutil_manage_src_pol',`
|
interface(`seutil_manage_src_pol',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type selinux_config_t, policy_src_t;
|
type selinux_config_t, policy_src_t;
|
||||||
class dir create_dir_perms;
|
class dir create_dir_perms;
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`sysnet_domtrans_dhcpc',`
|
interface(`sysnet_domtrans_dhcpc',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type dhcpc_t, dhcpc_exec_t;
|
type dhcpc_t, dhcpc_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -38,7 +38,7 @@ define(`sysnet_domtrans_dhcpc',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`sysnet_domtrans_ifconfig',`
|
interface(`sysnet_domtrans_ifconfig',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type ifconfig_t, ifconfig_exec_t;
|
type ifconfig_t, ifconfig_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -73,7 +73,7 @@ define(`sysnet_domtrans_ifconfig',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`sysnet_run_ifconfig',`
|
interface(`sysnet_run_ifconfig',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type ifconfig_t;
|
type ifconfig_t;
|
||||||
class chr_file rw_term_perms;
|
class chr_file rw_term_perms;
|
||||||
@ -95,7 +95,7 @@ define(`sysnet_run_ifconfig',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`sysnet_read_config',`
|
interface(`sysnet_read_config',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type net_conf_t;
|
type net_conf_t;
|
||||||
class file r_file_perms;
|
class file r_file_perms;
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`udev_domtrans',`
|
interface(`udev_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type udev_t, udev_exec_t;
|
type udev_t, udev_exec_t;
|
||||||
class process sigchld;
|
class process sigchld;
|
||||||
@ -37,7 +37,7 @@ define(`udev_domtrans',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`udev_read_db',`
|
interface(`udev_read_db',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type udev_tdb_t;
|
type udev_tdb_t;
|
||||||
class file r_file_perms;
|
class file r_file_perms;
|
||||||
@ -57,7 +57,7 @@ define(`udev_read_db',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`udev_rw_db',`
|
interface(`udev_rw_db',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type udev_tdb_t;
|
type udev_tdb_t;
|
||||||
class file rw_file_perms;
|
class file rw_file_perms;
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
#
|
#
|
||||||
# This is common to user and admin domain
|
# This is common to user and admin domain
|
||||||
|
|
||||||
define(`base_user_domain',`
|
template(`base_user_domain',`
|
||||||
|
|
||||||
attribute $1_file_type;
|
attribute $1_file_type;
|
||||||
|
|
||||||
@ -403,7 +403,7 @@ define(`base_user_domain',`
|
|||||||
# User domain template
|
# User domain template
|
||||||
#
|
#
|
||||||
|
|
||||||
define(`user_domain_template', `
|
template(`user_domain_template', `
|
||||||
##############################
|
##############################
|
||||||
#
|
#
|
||||||
# Declarations
|
# Declarations
|
||||||
@ -604,7 +604,7 @@ define(`user_domain_template', `
|
|||||||
#
|
#
|
||||||
# Admin domain template
|
# Admin domain template
|
||||||
#
|
#
|
||||||
define(`admin_domain_template',`
|
template(`admin_domain_template',`
|
||||||
##############################
|
##############################
|
||||||
#
|
#
|
||||||
# Declarations
|
# Declarations
|
||||||
@ -820,7 +820,7 @@ define(`admin_domain_template',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`userdom_spec_domtrans_all_users',`
|
interface(`userdom_spec_domtrans_all_users',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute userdomain;
|
attribute userdomain;
|
||||||
')
|
')
|
||||||
@ -840,7 +840,7 @@ define(`userdom_spec_domtrans_all_users',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`userdom_spec_domtrans_unpriv_users',`
|
interface(`userdom_spec_domtrans_unpriv_users',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute unpriv_userdomain;
|
attribute unpriv_userdomain;
|
||||||
')
|
')
|
||||||
@ -858,7 +858,7 @@ define(`userdom_spec_domtrans_unpriv_users',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`userdom_shell_domtrans_sysadm',`
|
interface(`userdom_shell_domtrans_sysadm',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type sysadm_t;
|
type sysadm_t;
|
||||||
')
|
')
|
||||||
@ -876,7 +876,7 @@ define(`userdom_shell_domtrans_sysadm',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`userdom_use_sysadm_tty',`
|
interface(`userdom_use_sysadm_tty',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type sysadm_tty_device_t;
|
type sysadm_tty_device_t;
|
||||||
class chr_file { getattr read write ioctl };
|
class chr_file { getattr read write ioctl };
|
||||||
@ -897,7 +897,7 @@ define(`userdom_use_sysadm_tty',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`userdom_use_sysadm_terms',`
|
interface(`userdom_use_sysadm_terms',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute admin_terminal;
|
attribute admin_terminal;
|
||||||
class chr_file { getattr read write ioctl };
|
class chr_file { getattr read write ioctl };
|
||||||
@ -918,7 +918,7 @@ define(`userdom_use_sysadm_terms',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`userdom_dontaudit_use_sysadm_terms',`
|
interface(`userdom_dontaudit_use_sysadm_terms',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute admin_terminal;
|
attribute admin_terminal;
|
||||||
class chr_file { read write };
|
class chr_file { read write };
|
||||||
@ -937,7 +937,7 @@ define(`userdom_dontaudit_use_sysadm_terms',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`userdom_search_all_users_home',`
|
interface(`userdom_search_all_users_home',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute home_dir_type, home_type;
|
attribute home_dir_type, home_type;
|
||||||
class dir search;
|
class dir search;
|
||||||
@ -957,7 +957,7 @@ define(`userdom_search_all_users_home',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`userdom_read_all_user_data',`
|
interface(`userdom_read_all_user_data',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute home_type;
|
attribute home_type;
|
||||||
class dir r_dir_perms;
|
class dir r_dir_perms;
|
||||||
@ -979,7 +979,7 @@ define(`userdom_read_all_user_data',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`userdom_use_all_user_fd',`
|
interface(`userdom_use_all_user_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute userdomain;
|
attribute userdomain;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -998,7 +998,7 @@ define(`userdom_use_all_user_fd',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`userdom_signal_all_users',`
|
interface(`userdom_signal_all_users',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute userdomain;
|
attribute userdomain;
|
||||||
class process signal;
|
class process signal;
|
||||||
@ -1017,7 +1017,7 @@ define(`userdom_signal_all_users',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`userdom_signal_unpriv_users',`
|
interface(`userdom_signal_unpriv_users',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute unpriv_userdomain;
|
attribute unpriv_userdomain;
|
||||||
class process signal;
|
class process signal;
|
||||||
@ -1036,7 +1036,7 @@ define(`userdom_signal_unpriv_users',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`userdom_use_unpriv_users_fd',`
|
interface(`userdom_use_unpriv_users_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute unpriv_userdomain;
|
attribute unpriv_userdomain;
|
||||||
class fd use;
|
class fd use;
|
||||||
@ -1056,7 +1056,7 @@ define(`userdom_use_unpriv_users_fd',`
|
|||||||
## </parameter>
|
## </parameter>
|
||||||
## </interface>
|
## </interface>
|
||||||
#
|
#
|
||||||
define(`userdom_dontaudit_use_unpriv_user_fd',`
|
interface(`userdom_dontaudit_use_unpriv_user_fd',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute unpriv_userdomain;
|
attribute unpriv_userdomain;
|
||||||
class fd use;
|
class fd use;
|
||||||
|
@ -28,17 +28,52 @@ define(`gen_require',`
|
|||||||
|
|
||||||
##############################
|
##############################
|
||||||
#
|
#
|
||||||
# In the future interfaces could be in loadable modules
|
# In the future interfaces should be in loadable modules
|
||||||
#
|
#
|
||||||
# module_interface(name,rules)
|
# template(name,rules)
|
||||||
#
|
#
|
||||||
define(`module_interface',`
|
define(`template',`
|
||||||
define(`$1',`
|
`define(`$1',`
|
||||||
gen_require(`$1'_depend)
|
###### begin $1(dollarsstar)
|
||||||
$2
|
$2
|
||||||
')
|
###### end $1(dollarsstar)
|
||||||
|
'')
|
||||||
')
|
')
|
||||||
|
|
||||||
|
# helper function, since m4 wont expand macros
|
||||||
|
# if a line is a comment (#):
|
||||||
|
define(`policy_m4_comment',`dnl
|
||||||
|
##### $2 depth: $1
|
||||||
|
')dnl
|
||||||
|
|
||||||
|
##############################
|
||||||
|
#
|
||||||
|
# In the future interfaces should be in loadable modules
|
||||||
|
#
|
||||||
|
# interface(name,rules)
|
||||||
|
#
|
||||||
|
define(`interface',`
|
||||||
|
`define(`$1',`
|
||||||
|
|
||||||
|
define(`policy_temp',incr(policy_call_depth))
|
||||||
|
pushdef(`policy_call_depth',policy_temp)
|
||||||
|
undefine(`policy_temp')
|
||||||
|
|
||||||
|
policy_m4_comment(policy_call_depth,begin `$1'(dollarsstar))
|
||||||
|
|
||||||
|
$2
|
||||||
|
|
||||||
|
define(`policy_temp',decr(policy_call_depth))
|
||||||
|
pushdef(`policy_call_depth',policy_temp)
|
||||||
|
undefine(`policy_temp')
|
||||||
|
|
||||||
|
policy_m4_comment(policy_call_depth,end `$1'(dollarsstar))
|
||||||
|
|
||||||
|
'')
|
||||||
|
')
|
||||||
|
|
||||||
|
define(`policy_call_depth',0)
|
||||||
|
|
||||||
##############################
|
##############################
|
||||||
#
|
#
|
||||||
# Optional policy handling
|
# Optional policy handling
|
||||||
|
Loading…
Reference in New Issue
Block a user