From 908390511e6b6e7604ed57ac45b8282422658aea Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Mon, 23 Jan 2006 19:02:15 +0000 Subject: [PATCH] add home_domain() --- docs/macro_conversion_guide | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/docs/macro_conversion_guide b/docs/macro_conversion_guide index 59739574..ed3e47a5 100644 --- a/docs/macro_conversion_guide +++ b/docs/macro_conversion_guide @@ -932,6 +932,32 @@ kernel_getattr_core($1) kernel_getattr_message_if($1) kernel_read_kernel_sysctl($1) +# +# home_domain($1,$2) +# +type $1_$2_home_t alias $1_$2_rw_t; +files_poly_member($1_$2_home_t) +userdom_home_file($1,$1_$2_home_t) +allow $1_t $1_$2_home_t:dir manage_dir_perms; +allow $1_t $1_$2_home_t:file manage_file_perms; +allow $1_t $1_$2_home_t:lnk_file create_lnk_perms; +allow $1_t $1_$2_home_t:{ dir file lnk_file } { relabelfrom relabelto }; +userdom_search_user_home($1,$1_$2_t) +allow $1_$2_t $1_$2_home_t:dir manage_dir_perms; +allow $1_$2_t $1_$2_home_t:file manage_file_perms; +allow $1_$2_t $1_$2_home_t:lnk_file create_lnk_perms; +fs_search_auto_mountpoints($1_$2_t) +tunable_policy(`use_nfs_home_dirs',` +fs_manage_nfs_dirs($1_$2_t) +fs_manage_nfs_files($1_$2_t) +fs_manage_nfs_symlinks($1_$2_t) +') +tunable_policy(`use_samba_home_dirs',` +fs_manage_cifs_dirs($1_$2_t) +fs_manage_cifs_files($1_$2_t) +fs_manage_cifs_symlinks($1_$2_t) +') + # # in_user_role(): # @@ -1175,7 +1201,7 @@ allow $1_t $1_tmpfs_t:file { create ioctl read getattr lock write setattr append allow $1_t $1_tmpfs_t:lnk_file { create read getattr setattr link unlink rename }; allow $1_t $1_tmpfs_t:sock_file { create ioctl read getattr lock write setattr append link unlink rename }; allow $1_t $1_tmpfs_t:fifo_file { create ioctl read getattr lock write setattr append link unlink rename }; -fs_create_tmpfs($1_t,$1_tmpfs_t,{ dir file lnk_file sock_file fifo_file }) +fs_filetrans_tmpfs($1_t,$1_tmpfs_t,{ dir file lnk_file sock_file fifo_file }) # # unconfined_domain(): complete