Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.
This commit is contained in:
Dominick Grift 2010-09-20 19:40:18 +02:00
parent 3507be9506
commit 2a724571c9
21 changed files with 139 additions and 155 deletions

View File

@ -710,8 +710,8 @@ interface(`postfix_admin',`
allow $1 postfix_smtpd_t:process { ptrace signal_perms }; allow $1 postfix_smtpd_t:process { ptrace signal_perms };
ps_process_pattern($1, postfix_smtpd_t) ps_process_pattern($1, postfix_smtpd_t)
postfix_run_map($1,$2) postfix_run_map($1, $2)
postfix_run_postdrop($1,$2) postfix_run_postdrop($1, $2)
postfix_initrc_domtrans($1) postfix_initrc_domtrans($1)
domain_system_change_exemption($1) domain_system_change_exemption($1)

View File

@ -10,7 +10,7 @@
## </summary> ## </summary>
## </param> ## </param>
## <param name="user_domain"> ## <param name="user_domain">
## <summary> ## <summary>
## The type of the user domain. ## The type of the user domain.
## </summary> ## </summary>
## </param> ## </param>
@ -312,7 +312,7 @@ interface(`postgresql_stream_connect',`
files_search_pids($1) files_search_pids($1)
files_search_tmp($1) files_search_tmp($1)
stream_connect_pattern($1, { postgresql_var_run_t postgresql_tmp_t}, { postgresql_var_run_t postgresql_tmp_t}, postgresql_t) stream_connect_pattern($1, { postgresql_var_run_t postgresql_tmp_t }, { postgresql_var_run_t postgresql_tmp_t }, postgresql_t)
') ')
######################################## ########################################

View File

@ -355,7 +355,7 @@ interface(`ppp_admin',`
type pppd_t, pppd_tmp_t, pppd_log_t, pppd_lock_t; type pppd_t, pppd_tmp_t, pppd_log_t, pppd_lock_t;
type pppd_etc_t, pppd_secret_t, pppd_var_run_t; type pppd_etc_t, pppd_secret_t, pppd_var_run_t;
type pptp_t, pptp_log_t, pptp_var_run_t; type pptp_t, pptp_log_t, pptp_var_run_t;
type pppd_initrc_exec_t, pppd_etc_rw_t; type pppd_initrc_exec_t, pppd_etc_rw_t;
') ')
allow $1 pppd_t:process { ptrace signal_perms }; allow $1 pppd_t:process { ptrace signal_perms };

View File

@ -5,9 +5,9 @@
## Execute a domain transition to run prelude. ## Execute a domain transition to run prelude.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed to transition. ## Domain allowed to transition.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`prelude_domtrans',` interface(`prelude_domtrans',`
@ -23,9 +23,9 @@ interface(`prelude_domtrans',`
## Execute a domain transition to run prelude_audisp. ## Execute a domain transition to run prelude_audisp.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed to transition. ## Domain allowed to transition.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`prelude_domtrans_audisp',` interface(`prelude_domtrans_audisp',`
@ -41,9 +41,9 @@ interface(`prelude_domtrans_audisp',`
## Signal the prelude_audisp domain. ## Signal the prelude_audisp domain.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed acccess. ## Domain allowed acccess.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`prelude_signal_audisp',` interface(`prelude_signal_audisp',`
@ -78,9 +78,9 @@ interface(`prelude_read_spool',`
## Manage to prelude-manager spool files. ## Manage to prelude-manager spool files.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed access. ## Domain allowed access.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`prelude_manage_spool',` interface(`prelude_manage_spool',`

View File

@ -93,7 +93,6 @@ interface(`procmail_read_home_files',`
type procmail_home_t; type procmail_home_t;
') ')
userdom_search_user_home_dirs($1) userdom_search_user_home_dirs($1)
read_files_pattern($1, procmail_home_t, procmail_home_t) read_files_pattern($1, procmail_home_t, procmail_home_t)
') ')

View File

@ -91,7 +91,6 @@ interface(`psad_manage_config',`
files_search_etc($1) files_search_etc($1)
manage_dirs_pattern($1, psad_etc_t, psad_etc_t) manage_dirs_pattern($1, psad_etc_t, psad_etc_t)
manage_files_pattern($1, psad_etc_t, psad_etc_t) manage_files_pattern($1, psad_etc_t, psad_etc_t)
') ')
######################################## ########################################

View File

@ -21,7 +21,7 @@
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`puppet_rw_tmp', ` interface(`puppet_rw_tmp',`
gen_require(` gen_require(`
type puppet_tmp_t; type puppet_tmp_t;
') ')

View File

@ -114,7 +114,7 @@ interface(`pyzor_admin',`
allow $1 pyzord_t:process { ptrace signal_perms }; allow $1 pyzord_t:process { ptrace signal_perms };
ps_process_pattern($1, pyzord_t) ps_process_pattern($1, pyzord_t)
init_labeled_script_domtrans($1, pyzord_initrc_exec_t) init_labeled_script_domtrans($1, pyzord_initrc_exec_t)
domain_system_change_exemption($1) domain_system_change_exemption($1)
role_transition $2 pyzord_initrc_exec_t system_r; role_transition $2 pyzord_initrc_exec_t system_r;
@ -132,5 +132,3 @@ interface(`pyzor_admin',`
files_list_var_lib($1) files_list_var_lib($1)
admin_pattern($1, pyzor_var_lib_t) admin_pattern($1, pyzor_var_lib_t)
') ')

View File

@ -1,4 +1,3 @@
## <summary>policy for qpidd</summary> ## <summary>policy for qpidd</summary>
######################################## ########################################
@ -6,9 +5,9 @@
## Execute a domain transition to run qpidd. ## Execute a domain transition to run qpidd.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed to transition. ## Domain allowed to transition.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`qpidd_domtrans',` interface(`qpidd_domtrans',`
@ -19,7 +18,6 @@ interface(`qpidd_domtrans',`
domtrans_pattern($1, qpidd_exec_t, qpidd_t) domtrans_pattern($1, qpidd_exec_t, qpidd_t)
') ')
######################################## ########################################
## <summary> ## <summary>
## Execute qpidd server in the qpidd domain. ## Execute qpidd server in the qpidd domain.
@ -72,12 +70,11 @@ interface(`qpidd_manage_var_run',`
type qpidd_var_run_t; type qpidd_var_run_t;
') ')
manage_dirs_pattern($1, qpidd_var_run_t, qpidd_var_run_t) manage_dirs_pattern($1, qpidd_var_run_t, qpidd_var_run_t)
manage_files_pattern($1, qpidd_var_run_t, qpidd_var_run_t) manage_files_pattern($1, qpidd_var_run_t, qpidd_var_run_t)
manage_lnk_files_pattern($1, qpidd_var_run_t, qpidd_var_run_t) manage_lnk_files_pattern($1, qpidd_var_run_t, qpidd_var_run_t)
') ')
######################################## ########################################
## <summary> ## <summary>
## Search qpidd lib directories. ## Search qpidd lib directories.
@ -113,7 +110,7 @@ interface(`qpidd_read_lib_files',`
') ')
files_search_var_lib($1) files_search_var_lib($1)
read_files_pattern($1, qpidd_var_lib_t, qpidd_var_lib_t) read_files_pattern($1, qpidd_var_lib_t, qpidd_var_lib_t)
') ')
######################################## ########################################
@ -133,7 +130,7 @@ interface(`qpidd_manage_lib_files',`
') ')
files_search_var_lib($1) files_search_var_lib($1)
manage_files_pattern($1, qpidd_var_lib_t, qpidd_var_lib_t) manage_files_pattern($1, qpidd_var_lib_t, qpidd_var_lib_t)
') ')
######################################## ########################################
@ -151,12 +148,11 @@ interface(`qpidd_manage_var_lib',`
type qpidd_var_lib_t; type qpidd_var_lib_t;
') ')
manage_dirs_pattern($1, qpidd_var_lib_t, qpidd_var_lib_t) manage_dirs_pattern($1, qpidd_var_lib_t, qpidd_var_lib_t)
manage_files_pattern($1, qpidd_var_lib_t, qpidd_var_lib_t) manage_files_pattern($1, qpidd_var_lib_t, qpidd_var_lib_t)
manage_lnk_files_pattern($1, qpidd_var_lib_t, qpidd_var_lib_t) manage_lnk_files_pattern($1, qpidd_var_lib_t, qpidd_var_lib_t)
') ')
######################################## ########################################
## <summary> ## <summary>
## All of the rules required to administrate ## All of the rules required to administrate
@ -181,7 +177,6 @@ interface(`qpidd_admin',`
allow $1 qpidd_t:process { ptrace signal_perms }; allow $1 qpidd_t:process { ptrace signal_perms };
ps_process_pattern($1, qpidd_t) ps_process_pattern($1, qpidd_t)
# Allow qpidd_t to restart the apache service # Allow qpidd_t to restart the apache service
qpidd_initrc_domtrans($1) qpidd_initrc_domtrans($1)
@ -192,41 +187,40 @@ interface(`qpidd_admin',`
qpidd_manage_var_run($1) qpidd_manage_var_run($1)
qpidd_manage_var_lib($1) qpidd_manage_var_lib($1)
') ')
##################################### #####################################
## <summary> ## <summary>
## Allow read and write access to qpidd semaphores. ## Allow read and write access to qpidd semaphores.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed access. ## Domain allowed access.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`qpidd_rw_semaphores',` interface(`qpidd_rw_semaphores',`
gen_require(` gen_require(`
type qpidd_t; type qpidd_t;
') ')
allow $1 qpidd_t:sem rw_sem_perms; allow $1 qpidd_t:sem rw_sem_perms;
') ')
######################################## ########################################
## <summary> ## <summary>
## Read and write to qpidd shared memory. ## Read and write to qpidd shared memory.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed access. ## Domain allowed access.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`qpidd_rw_shm',` interface(`qpidd_rw_shm',`
gen_require(` gen_require(`
type qpidd_t; type qpidd_t;
') ')
allow $1 qpidd_t:shm rw_shm_perms; allow $1 qpidd_t:shm rw_shm_perms;
') ')

View File

@ -26,6 +26,7 @@ template(`razor_common_domain_template',`
gen_require(` gen_require(`
type razor_exec_t, razor_etc_t, razor_log_t, razor_var_lib_t; type razor_exec_t, razor_etc_t, razor_log_t, razor_var_lib_t;
') ')
type $1_t; type $1_t;
domain_type($1_t) domain_type($1_t)
domain_entry_file($1_t, razor_exec_t) domain_entry_file($1_t, razor_exec_t)
@ -197,4 +198,3 @@ interface(`razor_read_lib_files',`
files_search_var_lib($1) files_search_var_lib($1)
read_files_pattern($1, razor_var_lib_t, razor_var_lib_t) read_files_pattern($1, razor_var_lib_t, razor_var_lib_t)
') ')

View File

@ -5,9 +5,9 @@
## Execute a domain transition to run rgmanager. ## Execute a domain transition to run rgmanager.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed to transition. ## Domain allowed to transition.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`rgmanager_domtrans',` interface(`rgmanager_domtrans',`
@ -78,20 +78,20 @@ interface(`rgmanager_manage_tmpfs_files',`
####################################### #######################################
## <summary> ## <summary>
## Allow read and write access to rgmanager semaphores. ## Allow read and write access to rgmanager semaphores.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed access. ## Domain allowed access.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`rgmanager_rw_semaphores',` interface(`rgmanager_rw_semaphores',`
gen_require(` gen_require(`
type rgmanager_t; type rgmanager_t;
') ')
allow $1 rgmanager_t:sem { unix_read unix_write associate read write }; allow $1 rgmanager_t:sem { unix_read unix_write associate read write };
') ')
###################################### ######################################
@ -100,9 +100,9 @@ interface(`rgmanager_rw_semaphores',`
## an rgmanager environment ## an rgmanager environment
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed access. ## Domain allowed access.
## </summary> ## </summary>
## </param> ## </param>
## <param name="role"> ## <param name="role">
## <summary> ## <summary>
@ -115,7 +115,7 @@ interface(`rgmanager_admin',`
gen_require(` gen_require(`
type rgmanager_t, rgmanager_initrc_exec_t, rgmanager_tmp_t; type rgmanager_t, rgmanager_initrc_exec_t, rgmanager_tmp_t;
type rgmanager_tmpfs_t, rgmanager_var_log_t, rgmanager_var_run_t; type rgmanager_tmpfs_t, rgmanager_var_log_t, rgmanager_var_run_t;
') ')
allow $1 rgmanager_t:process { ptrace signal_perms }; allow $1 rgmanager_t:process { ptrace signal_perms };
ps_process_pattern($1, rgmanager_t) ps_process_pattern($1, rgmanager_t)

View File

@ -51,7 +51,6 @@ template(`rhcs_domain_template',`
manage_fifo_files_pattern($1_t, $1_var_run_t, $1_var_run_t) manage_fifo_files_pattern($1_t, $1_var_run_t, $1_var_run_t)
manage_sock_files_pattern($1_t, $1_var_run_t, $1_var_run_t) manage_sock_files_pattern($1_t, $1_var_run_t, $1_var_run_t)
files_pid_filetrans($1_t, $1_var_run_t, { file fifo_file }) files_pid_filetrans($1_t, $1_var_run_t, { file fifo_file })
') ')
###################################### ######################################
@ -59,9 +58,9 @@ template(`rhcs_domain_template',`
## Execute a domain transition to run dlm_controld. ## Execute a domain transition to run dlm_controld.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed to transition. ## Domain allowed to transition.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`rhcs_domtrans_dlm_controld',` interface(`rhcs_domtrans_dlm_controld',`
@ -358,40 +357,40 @@ interface(`rhcs_rw_cluster_shm',`
#################################### ####################################
## <summary> ## <summary>
## Read and write access to cluster domains semaphores. ## Read and write access to cluster domains semaphores.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed access. ## Domain allowed access.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`rhcs_rw_cluster_semaphores',` interface(`rhcs_rw_cluster_semaphores',`
gen_require(` gen_require(`
attribute cluster_domain; attribute cluster_domain;
') ')
allow $1 cluster_domain:sem { rw_sem_perms destroy }; allow $1 cluster_domain:sem { rw_sem_perms destroy };
') ')
#################################### ####################################
## <summary> ## <summary>
## Connect to cluster domains over a unix domain ## Connect to cluster domains over a unix domain
## stream socket. ## stream socket.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed access. ## Domain allowed access.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`rhcs_stream_connect_cluster',` interface(`rhcs_stream_connect_cluster',`
gen_require(` gen_require(`
attribute cluster_domain, cluster_pid; attribute cluster_domain, cluster_pid;
') ')
files_search_pids($1) files_search_pids($1)
stream_connect_pattern($1, cluster_pid, cluster_pid, cluster_domain) stream_connect_pattern($1, cluster_pid, cluster_pid, cluster_domain)
') ')
###################################### ######################################
@ -433,19 +432,19 @@ interface(`rhcs_read_qdiskd_tmpfs_files',`
###################################### ######################################
## <summary> ## <summary>
## Allow domain to read cluster lib files ## Allow domain to read cluster lib files
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed access. ## Domain allowed access.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`rhcs_read_cluster_lib_files',` interface(`rhcs_read_cluster_lib_files',`
gen_require(` gen_require(`
type cluster_var_lib_t; type cluster_var_lib_t;
') ')
files_search_var_lib($1) files_search_var_lib($1)
read_files_pattern($1, cluster_var_lib_t, cluster_var_lib_t) read_files_pattern($1, cluster_var_lib_t, cluster_var_lib_t)
') ')

View File

@ -5,9 +5,9 @@
## Execute a domain transition to run ricci. ## Execute a domain transition to run ricci.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed to transition. ## Domain allowed to transition.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`ricci_domtrans',` interface(`ricci_domtrans',`
@ -20,20 +20,20 @@ interface(`ricci_domtrans',`
####################################### #######################################
## <summary> ## <summary>
## Execute ricci server in the ricci domain. ## Execute ricci server in the ricci domain.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed access. ## Domain allowed access.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`ricci_initrc_domtrans', ` interface(`ricci_initrc_domtrans',`
gen_require(` gen_require(`
type ricci_initrc_exec_t; type ricci_initrc_exec_t;
') ')
init_labeled_script_domtrans($1, ricci_initrc_exec_t) init_labeled_script_domtrans($1, ricci_initrc_exec_t)
') ')
######################################## ########################################
@ -41,9 +41,9 @@ interface(`ricci_initrc_domtrans', `
## Execute a domain transition to run ricci_modcluster. ## Execute a domain transition to run ricci_modcluster.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed to transition. ## Domain allowed to transition.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`ricci_domtrans_modcluster',` interface(`ricci_domtrans_modcluster',`
@ -134,9 +134,9 @@ interface(`ricci_rw_modclusterd_tmpfs_files',`
## Execute a domain transition to run ricci_modlog. ## Execute a domain transition to run ricci_modlog.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed to transition. ## Domain allowed to transition.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`ricci_domtrans_modlog',` interface(`ricci_domtrans_modlog',`
@ -152,9 +152,9 @@ interface(`ricci_domtrans_modlog',`
## Execute a domain transition to run ricci_modrpm. ## Execute a domain transition to run ricci_modrpm.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed to transition. ## Domain allowed to transition.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`ricci_domtrans_modrpm',` interface(`ricci_domtrans_modrpm',`
@ -170,9 +170,9 @@ interface(`ricci_domtrans_modrpm',`
## Execute a domain transition to run ricci_modservice. ## Execute a domain transition to run ricci_modservice.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed to transition. ## Domain allowed to transition.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`ricci_domtrans_modservice',` interface(`ricci_domtrans_modservice',`
@ -188,9 +188,9 @@ interface(`ricci_domtrans_modservice',`
## Execute a domain transition to run ricci_modstorage. ## Execute a domain transition to run ricci_modstorage.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed to transition. ## Domain allowed to transition.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`ricci_domtrans_modstorage',` interface(`ricci_domtrans_modstorage',`
@ -203,22 +203,22 @@ interface(`ricci_domtrans_modstorage',`
#################################### ####################################
## <summary> ## <summary>
## Allow the specified domain to manage ricci's lib files. ## Allow the specified domain to manage ricci's lib files.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed access. ## Domain allowed access.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`ricci_manage_lib_files',` interface(`ricci_manage_lib_files',`
gen_require(` gen_require(`
type ricci_var_lib_t; type ricci_var_lib_t;
') ')
files_search_var_lib($1) files_search_var_lib($1)
manage_dirs_pattern($1, ricci_var_lib_t, ricci_var_lib_t) manage_dirs_pattern($1, ricci_var_lib_t, ricci_var_lib_t)
manage_files_pattern($1, ricci_var_lib_t, ricci_var_lib_t) manage_files_pattern($1, ricci_var_lib_t, ricci_var_lib_t)
') ')
######################################## ########################################
@ -254,7 +254,7 @@ interface(`ricci_admin',`
files_list_tmp($1) files_list_tmp($1)
admin_pattern($1, ricci_tmp_t) admin_pattern($1, ricci_tmp_t)
files_list_var_lib($1) files_list_var_lib($1)
admin_pattern($1, ricci_var_lib_t) admin_pattern($1, ricci_var_lib_t)

View File

@ -32,7 +32,7 @@ interface(`rpc_stub',`
## </summary> ## </summary>
## </param> ## </param>
# #
template(`rpc_domain_template', ` template(`rpc_domain_template',`
######################################## ########################################
# #
# Declarations # Declarations

View File

@ -5,9 +5,9 @@
## Execute a domain transition to run rpcbind. ## Execute a domain transition to run rpcbind.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed to transition. ## Domain allowed to transition.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`rpcbind_domtrans',` interface(`rpcbind_domtrans',`

View File

@ -109,9 +109,9 @@ interface(`rsync_exec',`
## Read rsync config files. ## Read rsync config files.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed access. ## Domain allowed access.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`rsync_read_config',` interface(`rsync_read_config',`
@ -128,9 +128,9 @@ interface(`rsync_read_config',`
## Write to rsync config files. ## Write to rsync config files.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed access. ## Domain allowed access.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`rsync_write_config',` interface(`rsync_write_config',`
@ -147,9 +147,9 @@ interface(`rsync_write_config',`
## Manage rsync config files. ## Manage rsync config files.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed. ## Domain allowed.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`rsync_manage_config',` interface(`rsync_manage_config',`

View File

@ -5,9 +5,9 @@
## Execute a domain transition to run rtkit_daemon. ## Execute a domain transition to run rtkit_daemon.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed to transition. ## Domain allowed to transition.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`rtkit_daemon_domtrans',` interface(`rtkit_daemon_domtrans',`

View File

@ -5,9 +5,9 @@
## Execute a domain transition to run rwho. ## Execute a domain transition to run rwho.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed to transition. ## Domain allowed to transition.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`rwho_domtrans',` interface(`rwho_domtrans',`

View File

@ -58,7 +58,7 @@ interface(`varnishd_read_config',`
##################################### #####################################
## <summary> ## <summary>
## Read varnish lib files. ## Read varnish lib files.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>

View File

@ -1,15 +1,13 @@
## <summary>policy for vnstatd</summary> ## <summary>policy for vnstatd</summary>
######################################## ########################################
## <summary> ## <summary>
## Execute a domain transition to run vnstatd. ## Execute a domain transition to run vnstatd.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed access. ## Domain allowed access.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`vnstatd_domtrans',` interface(`vnstatd_domtrans',`
@ -20,16 +18,14 @@ interface(`vnstatd_domtrans',`
domtrans_pattern($1, vnstatd_exec_t, vnstatd_t) domtrans_pattern($1, vnstatd_exec_t, vnstatd_t)
') ')
######################################## ########################################
## <summary> ## <summary>
## Execute a domain transition to run vnstat. ## Execute a domain transition to run vnstat.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">
## <summary> ## <summary>
## Domain allowed access. ## Domain allowed access.
## </summary> ## </summary>
## </param> ## </param>
# #
interface(`vnstatd_domtrans_vnstat',` interface(`vnstatd_domtrans_vnstat',`
@ -75,7 +71,7 @@ interface(`vnstatd_read_lib_files',`
') ')
files_search_var_lib($1) files_search_var_lib($1)
read_files_pattern($1, vnstatd_var_lib_t, vnstatd_var_lib_t) read_files_pattern($1, vnstatd_var_lib_t, vnstatd_var_lib_t)
') ')
######################################## ########################################
@ -95,7 +91,7 @@ interface(`vnstatd_manage_lib_files',`
') ')
files_search_var_lib($1) files_search_var_lib($1)
manage_files_pattern($1, vnstatd_var_lib_t, vnstatd_var_lib_t) manage_files_pattern($1, vnstatd_var_lib_t, vnstatd_var_lib_t)
') ')
######################################## ########################################
@ -114,7 +110,7 @@ interface(`vnstatd_manage_lib_dirs',`
') ')
files_search_var_lib($1) files_search_var_lib($1)
manage_dirs_pattern($1, vnstatd_var_lib_t, vnstatd_var_lib_t) manage_dirs_pattern($1, vnstatd_var_lib_t, vnstatd_var_lib_t)
') ')
@ -138,7 +134,7 @@ interface(`vnstatd_manage_lib_dirs',`
interface(`vnstatd_admin',` interface(`vnstatd_admin',`
gen_require(` gen_require(`
type vnstatd_t; type vnstatd_t;
type vnstatd_var_lib_t; type vnstatd_var_lib_t;
') ')
allow $1 vnstatd_t:process { ptrace signal_perms }; allow $1 vnstatd_t:process { ptrace signal_perms };
@ -146,5 +142,4 @@ interface(`vnstatd_admin',`
files_list_var_lib($1) files_list_var_lib($1)
admin_pattern($1, vnstatd_var_lib_t) admin_pattern($1, vnstatd_var_lib_t)
') ')

View File

@ -243,7 +243,7 @@ interface(`xserver_rw_session',`
type xserver_t, xserver_tmpfs_t; type xserver_t, xserver_tmpfs_t;
') ')
xserver_ro_session($1,$2) xserver_ro_session($1, $2)
allow $1 xserver_t:shm rw_shm_perms; allow $1 xserver_t:shm rw_shm_perms;
allow $1 xserver_tmpfs_t:file rw_file_perms; allow $1 xserver_tmpfs_t:file rw_file_perms;
') ')