rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

add rootfs dontaudits for use in init.te

Browse Source
This commit is contained in:
Chris PeBenito 2005-04-19 18:57:13 +00:00
parent 053f6a200a
commit 7aebdb853d
1 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
refpolicy/policy/modules/system/files.if
View File

@ -67,6 +67,34 @@ type root_t;
class dir { getattr search read write add_name }; class dir { getattr search read write add_name };
') ')
########################################
#
# files_ignore_modify_rootfs_file(domain,[`optional'])
#
define(`files_ignore_modify_rootfs_file',`
requires_block_template(files_ignore_modify_rootfs_file_depend,$2)
dontaudit $1 root_t:file { read write };
')
define(`files_ignore_modify_rootfs_file_depend',`
type root_t;
class file { read write };
')
########################################
#
# files_ignore_modify_rootfs_device(domain,[`optional'])
#
define(`files_ignore_modify_rootfs_device',`
requires_block_template(files_ignore_modify_rootfs_device_depend,$2)
dontaudit $1 root_t:chr_file { read write };
')
define(`files_ignore_modify_rootfs_device_depend',`
type root_t;
class chr_file { read write };
')
######################################## ########################################
# #
# files_create_private_root_dir_entry(domain,privatetype,[class(es)],[`optional']) # files_create_private_root_dir_entry(domain,privatetype,[class(es)],[`optional'])