add stuff from distros.fc
This commit is contained in:
Chris PeBenito
parent
e6f94f7eed
commit
9c6feb63de
@ -1,5 +1,5 @@
|
||||
/etc/dbus-1(/.*)? gen_context(system_u:object_r:etc_dbusd_t,s0)
|
||||
/etc/dbus-1(/.*)? gen_context(system_u:object_r:etc_dbusd_t,s0)
|
||||
|
||||
/usr/bin/dbus-daemon(-1)? -- gen_context(system_u:object_r:system_dbusd_exec_t,s0)
|
||||
/usr/bin/dbus-daemon(-1)? -- gen_context(system_u:object_r:system_dbusd_exec_t,s0)
|
||||
|
||||
/var/run/dbus(/.*)? gen_context(system_u:object_r:system_dbusd_var_run_t,s0)
|
||||
/var/run/dbus(/.*)? gen_context(system_u:object_r:system_dbusd_var_run_t,s0)
|
||||
|
||||
@ -2,95 +2,95 @@
|
||||
#
|
||||
# /bin
|
||||
#
|
||||
/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/bin/d?ash -- gen_context(system_u:object_r:shell_exec_t,s0)
|
||||
/bin/bash -- gen_context(system_u:object_r:shell_exec_t,s0)
|
||||
/bin/bash2 -- gen_context(system_u:object_r:shell_exec_t,s0)
|
||||
/bin/ls -- gen_context(system_u:object_r:ls_exec_t,s0)
|
||||
/bin/sash -- gen_context(system_u:object_r:shell_exec_t,s0)
|
||||
/bin/tcsh -- gen_context(system_u:object_r:shell_exec_t,s0)
|
||||
/bin/zsh.* -- gen_context(system_u:object_r:shell_exec_t,s0)
|
||||
/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/bin/d?ash -- gen_context(system_u:object_r:shell_exec_t,s0)
|
||||
/bin/bash -- gen_context(system_u:object_r:shell_exec_t,s0)
|
||||
/bin/bash2 -- gen_context(system_u:object_r:shell_exec_t,s0)
|
||||
/bin/ls -- gen_context(system_u:object_r:ls_exec_t,s0)
|
||||
/bin/sash -- gen_context(system_u:object_r:shell_exec_t,s0)
|
||||
/bin/tcsh -- gen_context(system_u:object_r:shell_exec_t,s0)
|
||||
/bin/zsh.* -- gen_context(system_u:object_r:shell_exec_t,s0)
|
||||
|
||||
#
|
||||
# /dev
|
||||
#
|
||||
/dev/MAKEDEV -- gen_context(system_u:object_r:sbin_t,s0)
|
||||
/dev/MAKEDEV -- gen_context(system_u:object_r:sbin_t,s0)
|
||||
|
||||
#
|
||||
# /emul
|
||||
#
|
||||
ifdef(`distro_redhat',`
|
||||
/emul/ia32-linux/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/emul/ia32-linux/sbin(/.*)? gen_context(system_u:object_r:sbin_t,s0)
|
||||
/emul/ia32-linux/usr(/.*)?/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/emul/ia32-linux/usr(/.*)?/Bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/emul/ia32-linux/usr(/.*)?/sbin(/.*)? gen_context(system_u:object_r:sbin_t,s0)
|
||||
/emul/ia32-linux/usr/libexec(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
')
|
||||
|
||||
#
|
||||
# /etc
|
||||
#
|
||||
/etc/hotplug/.*agent -- gen_context(system_u:object_r:sbin_t,s0)
|
||||
/etc/hotplug/.*rc -- gen_context(system_u:object_r:sbin_t,s0)
|
||||
/etc/hotplug/hotplug\.functions -- gen_context(system_u:object_r:sbin_t,s0)
|
||||
/etc/hotplug\.d/default/default.* gen_context(system_u:object_r:sbin_t,s0)
|
||||
/etc/hotplug/.*agent -- gen_context(system_u:object_r:sbin_t,s0)
|
||||
/etc/hotplug/.*rc -- gen_context(system_u:object_r:sbin_t,s0)
|
||||
/etc/hotplug/hotplug\.functions -- gen_context(system_u:object_r:sbin_t,s0)
|
||||
/etc/hotplug\.d/default/default.* gen_context(system_u:object_r:sbin_t,s0)
|
||||
|
||||
/etc/netplug\.d(/.*)? gen_context(system_u:object_r:sbin_t,s0)
|
||||
/etc/netplug\.d(/.*)? gen_context(system_u:object_r:sbin_t,s0)
|
||||
|
||||
/etc/ppp/ip-down\..* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/ppp/ip-up\..* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/ppp/ipv6-up\..* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/ppp/ipv6-down\..* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/ppp/ip-down\..* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/ppp/ip-up\..* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/ppp/ipv6-up\..* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/ppp/ipv6-down\..* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
ifdef(`distro_debian',`
|
||||
/etc/mysql/debian-start -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/mysql/debian-start -- gen_context(system_u:object_r:bin_t,s0)
|
||||
')
|
||||
|
||||
ifdef(`targeted_policy',`
|
||||
/etc/X11/prefdm -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/X11/prefdm -- gen_context(system_u:object_r:bin_t,s0)
|
||||
')
|
||||
|
||||
/etc/X11/xdm/GiveConsole -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/X11/xdm/TakeConsole -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/X11/xdm/Xsetup_0 -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/X11/xinit(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/X11/xdm/GiveConsole -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/X11/xdm/TakeConsole -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/X11/xdm/Xsetup_0 -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/X11/xinit(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
#
|
||||
# /sbin
|
||||
#
|
||||
/sbin(/.*)? gen_context(system_u:object_r:sbin_t,s0)
|
||||
/sbin/mkfs\.cramfs -- gen_context(system_u:object_r:sbin_t,s0)
|
||||
/sbin/insmod_ksymoops_clean -- gen_context(system_u:object_r:sbin_t,s0)
|
||||
/sbin(/.*)? gen_context(system_u:object_r:sbin_t,s0)
|
||||
/sbin/mkfs\.cramfs -- gen_context(system_u:object_r:sbin_t,s0)
|
||||
/sbin/insmod_ksymoops_clean -- gen_context(system_u:object_r:sbin_t,s0)
|
||||
|
||||
#
|
||||
# /opt
|
||||
#
|
||||
/opt(/.*)?/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/opt(/.*)?/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
/opt(/.*)?/libexec(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/opt(/.*)?/libexec(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
/opt(/.*)?/sbin(/.*)? gen_context(system_u:object_r:sbin_t,s0)
|
||||
/opt(/.*)?/sbin(/.*)? gen_context(system_u:object_r:sbin_t,s0)
|
||||
|
||||
#
|
||||
# /usr
|
||||
#
|
||||
ifdef(`distro_gentoo', `
|
||||
/usr/.*-.*-linux-gnu/gcc-bin/.*(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
')
|
||||
/usr(/.*)?/Bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
/usr(/.*)?/Bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr(/.*)?/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
/usr(/.*)?/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr(/.*)?/sbin(/.*)? gen_context(system_u:object_r:sbin_t,s0)
|
||||
|
||||
/usr(/.*)?/sbin(/.*)? gen_context(system_u:object_r:sbin_t,s0)
|
||||
/usr/lib/pgsql/test/regress/.*\.sh -- gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
ifdef(`distro_suse', `
|
||||
/usr/lib/cron/run-crons -- gen_context(system_u:object_r:bin_t,s0)
|
||||
')
|
||||
|
||||
/usr/lib/pgsql/test/regress/.*\.sh -- gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
/usr/lib(64)?/cups/cgi-bin/.* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib(64)?/cups/filter/.* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib(64)?/cyrus-imapd/.* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib(64)?/sftp-server -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib(64)?/emacsen-common/.* gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib(64)?/ipsec/.* -- gen_context(system_u:object_r:sbin_t,s0)
|
||||
/usr/lib(64)?/misc/sftp-server -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib(64)?/news/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
ifdef(`distro_suse', `
|
||||
/usr/lib(64)?/ssh/.* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
')
|
||||
/usr/lib(64)?/cups/cgi-bin/.* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib(64)?/cups/filter/.* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib(64)?/cyrus-imapd/.* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib(64)?/sftp-server -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib(64)?/emacsen-common/.* gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib(64)?/ipsec/.* -- gen_context(system_u:object_r:sbin_t,s0)
|
||||
/usr/lib(64)?/misc/sftp-server -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib(64)?/news/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
/usr/lib(64)?/[^/]*thunderbird[^/]*/thunderbird -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib(64)?/[^/]*thunderbird[^/]*/thunderbird-bin -- gen_context(system_u:object_r:bin_t,s0)
|
||||
@ -98,29 +98,78 @@ ifdef(`distro_suse', `
|
||||
/usr/lib(64)?/[^/]*/run-mozilla\.sh -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib(64)?/[^/]*/mozilla-xremote-client -- gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
/usr/libexec(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/libexec/openssh/sftp-server -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/libexec(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/libexec/openssh/sftp-server -- gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
/usr/local/lib(64)?/ipsec/.* -- gen_context(system_u:object_r:sbin_t,s0)
|
||||
/usr/local/lib(64)?/ipsec/.* -- gen_context(system_u:object_r:sbin_t,s0)
|
||||
|
||||
/usr/sbin/sesh -- gen_context(system_u:object_r:shell_exec_t,s0)
|
||||
/usr/sbin/sesh -- gen_context(system_u:object_r:shell_exec_t,s0)
|
||||
|
||||
/usr/share/gnucash/finance-quote-check -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/gnucash/finance-quote-helper -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/mc/extfs/.* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/printconf/util/print\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/turboprint/lib(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/mc/extfs/.* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/printconf/util/print\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/turboprint/lib(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
ifdef(`distro_suse',`
|
||||
/usr/share/apache2/[^/]* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
ifdef(`distro_gentoo', `
|
||||
/usr/.*-.*-linux-gnu/gcc-bin/.*(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
')
|
||||
|
||||
ifdef(`distro_redhat', `
|
||||
/usr/lib/.*/program(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/authconfig/authconfig-gtk\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/cvs/contrib/rcs2log -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/hwbrowser/hwbrowser -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/pwlib/make/ptlib-config -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/pydict/pydict\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/rhn/rhn_applet/applet\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/rhn/rhn_applet/needed-packages\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/ssl/misc(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/switchdesk/switchdesk-gui\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-date/system-config-date\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-display/system-config-display -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-httpd/system-config-httpd -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-keyboard/system-config-keyboard -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-language/system-config-language -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-lvm/system-config-lvm.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-mouse/system-config-mouse -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-netboot/system-config-netboot\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-netboot/pxeos\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-netboot/pxeboot\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-network(/netconfig)?/[^/]+\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-network/neat-control\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-nfs/nfs-export\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-nfs/system-config-nfs\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-rootpassword/system-config-rootpassword -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-samba/system-config-samba\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-securitylevel/system-config-securitylevel\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-services/serviceconf\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-services/system-config-services -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-soundcard/system-config-soundcard -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-config-users/system-config-users -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/system-logviewer/system-logviewer\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/texmf/web2c/mktexdir -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/texmf/web2c/mktexnam -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/texmf/web2c/mktexupd -- gen_context(system_u:object_r:bin_t,s0)
|
||||
')
|
||||
|
||||
ifdef(`distro_suse', `
|
||||
/usr/lib/cron/run-crons -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib/samba/classic/.* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib(64)?/ssh/.* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/apache2/[^/]* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
')
|
||||
|
||||
#
|
||||
# /var
|
||||
#
|
||||
/var/mailman/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/var/mailman/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
/var/ftp/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/var/ftp/bin/ls -- gen_context(system_u:object_r:ls_exec_t,s0)
|
||||
/var/ftp/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/var/ftp/bin/ls -- gen_context(system_u:object_r:ls_exec_t,s0)
|
||||
|
||||
/usr/lib/yp/.+ -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib/yp/.+ -- gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
ifdef(`distro_suse',`
|
||||
/var/lib/samba/bin/.+ gen_context(system_u:object_r:bin_t,s0)
|
||||
')
|
||||
|
||||
@ -5,6 +5,7 @@
|
||||
/.* gen_context(system_u:object_r:default_t,s0)
|
||||
/ -d gen_context(system_u:object_r:root_t,s0)
|
||||
/\.journal <<none>>
|
||||
|
||||
ifdef(`distro_redhat',`
|
||||
/\.autofsck -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
||||
/\.autorelabel -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
||||
@ -15,6 +16,10 @@ ifdef(`distro_redhat',`
|
||||
/poweroff -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
||||
')
|
||||
|
||||
ifdef(`distro_suse',`
|
||||
/success -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
||||
')
|
||||
|
||||
#
|
||||
# /boot
|
||||
#
|
||||
@ -22,6 +27,14 @@ ifdef(`distro_redhat',`
|
||||
/boot/lost\+found -d gen_context(system_u:object_r:lost_found_t,s0)
|
||||
/boot/lost\+found/.* <<none>>
|
||||
|
||||
#
|
||||
# /emul
|
||||
#
|
||||
|
||||
ifdef(`distro_redhat',`
|
||||
/emul(/.*)? gen_context(system_u:object_r:usr_t,s0)
|
||||
')
|
||||
|
||||
#
|
||||
# /etc
|
||||
#
|
||||
@ -43,9 +56,6 @@ ifdef(`distro_redhat',`
|
||||
/etc/cups/client\.conf -- gen_context(system_u:object_r:etc_t,s0)
|
||||
|
||||
/etc/init\.d/functions -- gen_context(system_u:object_r:etc_t,s0)
|
||||
ifdef(`distro_suse',`
|
||||
/etc/init\.d/\.depend.* -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
||||
')
|
||||
|
||||
/etc/ipsec\.d/examples(/.*)? gen_context(system_u:object_r:etc_t,s0)
|
||||
|
||||
@ -65,7 +75,19 @@ ifdef(`distro_gentoo', `
|
||||
/etc/env\.d/.* -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
||||
')
|
||||
|
||||
# HOME_ROOT expands to all valid home directory prefixes found in /etc/passwd
|
||||
ifdef(`distro_redhat',`
|
||||
/etc/rhgb(/.*)? -d gen_context(system_u:object_r:mnt_t,s0)
|
||||
')
|
||||
|
||||
ifdef(`distro_suse',`
|
||||
/etc/defkeymap\.map -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
||||
/etc/init\.d/\.depend.* -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
||||
')
|
||||
|
||||
#
|
||||
# HOME_ROOT
|
||||
# expanded by genhomedircon
|
||||
#
|
||||
HOME_ROOT -d gen_context(system_u:object_r:home_root_t,s0)
|
||||
HOME_ROOT/\.journal <<none>>
|
||||
HOME_ROOT/lost\+found -d gen_context(system_u:object_r:lost_found_t,s0)
|
||||
|
||||
@ -1,3 +1,17 @@
|
||||
#
|
||||
# /emul
|
||||
#
|
||||
ifdef(`distro_redhat',`
|
||||
/emul/ia32-linux/usr(/.*)?/lib(/.*)? gen_context(system_u:object_r:lib_t,s0)
|
||||
/emul/ia32-linux/usr(/.*)?/lib/.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:shlib_t,s0)
|
||||
/emul/ia32-linux/usr(/.*)?/java/.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:shlib_t,s0)
|
||||
/emul/ia32-linux/usr(/.*)?/java/.*\.jar -- gen_context(system_u:object_r:shlib_t,s0)
|
||||
/emul/ia32-linux/usr(/.*)?/java/.*\.jsa -- gen_context(system_u:object_r:shlib_t,s0)
|
||||
/emul/ia32-linux/usr(/.*)?/lib(/.*)?/ld-[^/]*\.so(\.[^/]*)* gen_context(system_u:object_r:ld_so_t,s0)
|
||||
/emul/ia32-linux/lib(/.*)? gen_context(system_u:object_r:lib_t,s0)
|
||||
/emul/ia32-linux/lib/.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:shlib_t,s0)
|
||||
/emul/ia32-linux/lib(/.*)?/ld-[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:ld_so_t,s0)
|
||||
')
|
||||
|
||||
#
|
||||
# /etc
|
||||
@ -57,6 +71,103 @@
|
||||
/usr/X11R6/lib/libXvMCNVIDIA\.so.* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
|
||||
/usr/x11R6/lib/modules/extensions/libglx\.so(\.[^/]*)* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
|
||||
ifdef(`distro_redhat',`
|
||||
/usr/lib/.*/program/.*\.so.* gen_context(system_u:object_r:shlib_t,s0)
|
||||
/usr/share/rhn/rhn_applet/eggtrayiconmodule\.so -- gen_context(system_u:object_r:shlib_t,s0)
|
||||
|
||||
# The following are libraries with text relocations in need of execmod permissions
|
||||
# Some of them should be fixed and removed from this list
|
||||
|
||||
# Fedora Core packages: gstreamer-plugins, compat-libstdc++, Glide3, libdv
|
||||
# HelixPlayer, SDL, xorg-x11, xorg-x11-libs, Hermes, valgrind, openoffice.org-libs, httpd - php
|
||||
/usr/lib/gstreamer-.*/libgstffmpeg\.so.* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/gstreamer-.*/libgsthermescolorspace\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/gstreamer-.*/libgstmms\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/libstdc\+\+\.so\.2\.7\.2\.8 -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/libg\+\+\.so\.2\.7\.2\.8 -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/libglide3\.so.* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/libdv\.so.* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/helix/plugins/oggfformat\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/helix/plugins/theorarend\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/helix/plugins/vorbisrend\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/helix/codecs/colorcvt\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/helix/codecs/cvt1\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/libSDL-.*\.so.* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/X11R6/lib/modules/dri/.*\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/X11R6/lib/libOSMesa\.so.* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/X11R6/lib/libfglrx_gamma\.so.* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/libHermes\.so.* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/valgrind/hp2ps -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/valgrind/stage2 -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/valgrind/vg.*\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/.*/libxpcom_core.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/.*/program/libicudata\.so.* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/.*/program/libsts645li\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/.*/program/libvclplug_gen645li\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/.*/program/libwrp645li\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/.*/program/libswd680li\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib(64)?/.*/program/librecentfile\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib(64)?/.*/program/libsvx680li\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib(64)?/.*/program/libcomphelp4gcc3\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib(64)?/.*/program/libsoffice\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
|
||||
# Fedora Extras packages: ladspa, imlib2, ocaml
|
||||
/usr/lib/ladspa/analogue_osc_1416\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/bandpass_a_iir_1893\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/bandpass_iir_1892\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/butterworth_1902\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/fm_osc_1415\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/gsm_1215\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/gverb_1216\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/hermes_filter_1200\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/highpass_iir_1890\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/lowpass_iir_1891\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/notch_iir_1894\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/pitch_scale_1193\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/pitch_scale_1194\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/sc1_1425\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/sc2_1426\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/sc3_1427\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/sc4_1882\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ladspa/se4_1883\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/libImlib2\.so.* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/ocaml/stublibs/dllnums\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/httpd/modules/libphp5\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/php/modules/.*\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
|
||||
# Livna.org packages: xmms-mp3, ffmpeg, xvidcore, xine-lib, gsm, lame
|
||||
/usr/lib/xmms/Input/libmpg123\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/libpostproc\.so.* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/libavformat-.*\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/libavcodec-.*\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/libxvidcore\.so.* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/xine/plugins/.*\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/libgsm\.so.* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/libmp3lame\.so.* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
|
||||
# Flash plugin, Macromedia
|
||||
HOME_DIR/.*/plugins/libflashplayer\.so.* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/.*/plugins/libflashplayer\.so.* -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
|
||||
# Jai, Sun Microsystems (Jpackage SPRM)
|
||||
/usr/lib/libmlib_jai\.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/libdivxdecore.so.0 -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr/lib/libdivxencore.so.0 -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
|
||||
# Java, Sun Microsystems (JPackage SRPM)
|
||||
/usr/.*/jre/lib/i386/libdeploy.so -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
|
||||
/usr(/.*)?/Reader/intellinux/plug_ins/.*\.api -- gen_context(system_u:object_r:shlib_t,s0)
|
||||
/usr(/.*)?/Reader/intellinux/plug_ins/AcroForm\.api -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr(/.*)?/Reader/intellinux/plug_ins/EScript\.api -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
/usr(/.*)?/Reader/intellinux/SPPlugins/ADMPlugin\.apl -- gen_context(system_u:object_r:texrel_shlib_t,s0)
|
||||
') dnl end distro_redhat
|
||||
|
||||
ifdef(`distro_suse',`
|
||||
/usr/lib/samba/classic/[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:shlib_t,s0)
|
||||
')
|
||||
|
||||
#
|
||||
# /var
|
||||
#
|
||||
@ -65,3 +176,7 @@
|
||||
/var/ftp/lib(64)?/lib[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:shlib_t,s0)
|
||||
|
||||
/var/mailman/pythonlib(/.*)?/.*\.so(\..*)? -- gen_context(system_u:object_r:shlib_t,s0)
|
||||
|
||||
ifdef(`distro_suse',`
|
||||
/var/lib/samba/bin/.*\.so(\.[^/]*)* -l gen_context(system_u:object_r:lib_t,s0)
|
||||
')
|
||||
|
||||
@ -17,6 +17,11 @@
|
||||
/etc/dhcp3(/.*)? gen_context(system_u:object_r:dhcp_etc_t,s0)
|
||||
/etc/dhcp3?/dhclient.* gen_context(system_u:object_r:dhcp_etc_t,s0)
|
||||
|
||||
ifdef(`distro_redhat',`
|
||||
/etc/sysconfig/network-scripts/.*resolv\.conf -- gen_context(system_u:object_r:net_conf_t,s0)
|
||||
/etc/sysconfig/networking/profiles/.*/resolv\.conf -- gen_context(system_u:object_r:net_conf_t,s0)
|
||||
')
|
||||
|
||||
#
|
||||
# /sbin
|
||||
#
|
||||
|
||||
Loading…
Reference in New Issue
Block a user