trunk: whitespace fixes.
This commit is contained in:
parent
3392356f36
commit
c0f5fa011a
@ -120,7 +120,7 @@ interface(`certmaster_admin',`
|
||||
|
||||
logging_list_logs($1)
|
||||
admin_pattern($1, certmaster_var_log_t)
|
||||
|
||||
|
||||
files_list_var_lib($1)
|
||||
admin_pattern($1, certmaster_var_lib_t)
|
||||
')
|
||||
|
@ -135,23 +135,23 @@ allow mysqld_safe_t self:capability { dac_override fowner chown };
|
||||
allow mysqld_safe_t self:fifo_file rw_fifo_file_perms;
|
||||
|
||||
domtrans_pattern(mysqld_safe_t, mysqld_exec_t, mysqld_t)
|
||||
|
||||
|
||||
allow mysqld_safe_t mysqld_log_t:file manage_file_perms;
|
||||
logging_log_filetrans(mysqld_safe_t, mysqld_log_t, file)
|
||||
|
||||
kernel_read_system_state(mysqld_safe_t)
|
||||
|
||||
dev_list_sysfs(mysqld_safe_t)
|
||||
|
||||
|
||||
files_read_etc_files(mysqld_safe_t)
|
||||
files_read_usr_files(mysqld_safe_t)
|
||||
|
||||
corecmd_exec_bin(mysqld_safe_t)
|
||||
|
||||
hostname_exec(mysqld_safe_t)
|
||||
|
||||
|
||||
miscfiles_read_localization(mysqld_safe_t)
|
||||
|
||||
|
||||
mysql_append_db_files(mysqld_safe_t)
|
||||
mysql_read_config(mysqld_safe_t)
|
||||
mysql_search_pid_files(mysqld_safe_t)
|
||||
|
@ -62,7 +62,7 @@ interface(`lvm_read_config',`
|
||||
|
||||
files_search_etc($1)
|
||||
allow $1 lvm_etc_t:dir list_dir_perms;
|
||||
read_files_pattern($1,lvm_etc_t,lvm_etc_t)
|
||||
read_files_pattern($1, lvm_etc_t, lvm_etc_t)
|
||||
')
|
||||
|
||||
########################################
|
||||
@ -82,6 +82,6 @@ interface(`lvm_manage_config',`
|
||||
')
|
||||
|
||||
files_search_etc($1)
|
||||
manage_dirs_pattern($1,lvm_etc_t,lvm_etc_t)
|
||||
manage_files_pattern($1,lvm_etc_t,lvm_etc_t)
|
||||
manage_dirs_pattern($1, lvm_etc_t, lvm_etc_t)
|
||||
manage_files_pattern($1, lvm_etc_t, lvm_etc_t)
|
||||
')
|
||||
|
@ -8,14 +8,14 @@ policy_module(lvm, 1.10.3)
|
||||
|
||||
type clvmd_t;
|
||||
type clvmd_exec_t;
|
||||
init_daemon_domain(clvmd_t,clvmd_exec_t)
|
||||
init_daemon_domain(clvmd_t, clvmd_exec_t)
|
||||
|
||||
type clvmd_var_run_t;
|
||||
files_pid_file(clvmd_var_run_t)
|
||||
|
||||
type lvm_t;
|
||||
type lvm_exec_t;
|
||||
init_system_domain(lvm_t,lvm_exec_t)
|
||||
init_system_domain(lvm_t, lvm_exec_t)
|
||||
# needs privowner because it assigns the identity system_u to device nodes
|
||||
# but runs as the identity of the sysadmin
|
||||
domain_obj_id_change_exemption(lvm_t)
|
||||
@ -54,10 +54,10 @@ allow clvmd_t self:unix_stream_socket { connectto create_stream_socket_perms };
|
||||
allow clvmd_t self:tcp_socket create_stream_socket_perms;
|
||||
allow clvmd_t self:udp_socket create_socket_perms;
|
||||
|
||||
manage_files_pattern(clvmd_t,clvmd_var_run_t,clvmd_var_run_t)
|
||||
files_pid_filetrans(clvmd_t,clvmd_var_run_t,file)
|
||||
manage_files_pattern(clvmd_t, clvmd_var_run_t, clvmd_var_run_t)
|
||||
files_pid_filetrans(clvmd_t, clvmd_var_run_t, file)
|
||||
|
||||
read_files_pattern(clvmd_t,lvm_metadata_t,lvm_metadata_t)
|
||||
read_files_pattern(clvmd_t, lvm_metadata_t, lvm_metadata_t)
|
||||
|
||||
kernel_read_kernel_sysctls(clvmd_t)
|
||||
kernel_read_system_state(clvmd_t)
|
||||
@ -175,36 +175,36 @@ allow lvm_t self:netlink_kobject_uevent_socket create_socket_perms;
|
||||
allow lvm_t self:unix_stream_socket { connectto create_stream_socket_perms };
|
||||
allow lvm_t clvmd_t:unix_stream_socket { connectto rw_socket_perms };
|
||||
|
||||
manage_dirs_pattern(lvm_t,lvm_tmp_t,lvm_tmp_t)
|
||||
manage_files_pattern(lvm_t,lvm_tmp_t,lvm_tmp_t)
|
||||
manage_dirs_pattern(lvm_t, lvm_tmp_t, lvm_tmp_t)
|
||||
manage_files_pattern(lvm_t, lvm_tmp_t, lvm_tmp_t)
|
||||
files_tmp_filetrans(lvm_t, lvm_tmp_t, { file dir })
|
||||
|
||||
# /lib/lvm-<version> holds the actual LVM binaries (and symlinks)
|
||||
read_files_pattern(lvm_t,lvm_exec_t,lvm_exec_t)
|
||||
read_lnk_files_pattern(lvm_t,lvm_exec_t,lvm_exec_t)
|
||||
read_files_pattern(lvm_t, lvm_exec_t, lvm_exec_t)
|
||||
read_lnk_files_pattern(lvm_t, lvm_exec_t, lvm_exec_t)
|
||||
|
||||
# LVM is split into many individual binaries
|
||||
can_exec(lvm_t, lvm_exec_t)
|
||||
|
||||
# Creating lock files
|
||||
manage_files_pattern(lvm_t,lvm_lock_t,lvm_lock_t)
|
||||
files_lock_filetrans(lvm_t,lvm_lock_t,file)
|
||||
manage_files_pattern(lvm_t, lvm_lock_t, lvm_lock_t)
|
||||
files_lock_filetrans(lvm_t, lvm_lock_t, file)
|
||||
|
||||
manage_dirs_pattern(lvm_t,lvm_var_lib_t,lvm_var_lib_t)
|
||||
manage_files_pattern(lvm_t,lvm_var_lib_t,lvm_var_lib_t)
|
||||
files_var_lib_filetrans(lvm_t,lvm_var_lib_t,{ dir file })
|
||||
manage_dirs_pattern(lvm_t, lvm_var_lib_t, lvm_var_lib_t)
|
||||
manage_files_pattern(lvm_t, lvm_var_lib_t, lvm_var_lib_t)
|
||||
files_var_lib_filetrans(lvm_t, lvm_var_lib_t,{ dir file })
|
||||
|
||||
manage_dirs_pattern(lvm_t,lvm_var_run_t,lvm_var_run_t)
|
||||
manage_files_pattern(lvm_t,lvm_var_run_t,lvm_var_run_t)
|
||||
manage_sock_files_pattern(lvm_t,lvm_var_run_t,lvm_var_run_t)
|
||||
files_pid_filetrans(lvm_t,lvm_var_run_t,{ file sock_file })
|
||||
manage_dirs_pattern(lvm_t, lvm_var_run_t, lvm_var_run_t)
|
||||
manage_files_pattern(lvm_t, lvm_var_run_t, lvm_var_run_t)
|
||||
manage_sock_files_pattern(lvm_t, lvm_var_run_t, lvm_var_run_t)
|
||||
files_pid_filetrans(lvm_t, lvm_var_run_t,{ file sock_file })
|
||||
|
||||
read_files_pattern(lvm_t,lvm_etc_t,lvm_etc_t)
|
||||
read_lnk_files_pattern(lvm_t,lvm_etc_t,lvm_etc_t)
|
||||
read_files_pattern(lvm_t, lvm_etc_t, lvm_etc_t)
|
||||
read_lnk_files_pattern(lvm_t, lvm_etc_t, lvm_etc_t)
|
||||
# Write to /etc/lvm, /etc/lvmtab, /etc/lvmtab.d
|
||||
manage_files_pattern(lvm_t,lvm_metadata_t,lvm_metadata_t)
|
||||
filetrans_pattern(lvm_t,lvm_etc_t,lvm_metadata_t,file)
|
||||
files_etc_filetrans(lvm_t,lvm_metadata_t,file)
|
||||
manage_files_pattern(lvm_t, lvm_metadata_t, lvm_metadata_t)
|
||||
filetrans_pattern(lvm_t, lvm_etc_t, lvm_metadata_t, file)
|
||||
files_etc_filetrans(lvm_t, lvm_metadata_t, file)
|
||||
files_search_mnt(lvm_t)
|
||||
|
||||
kernel_read_system_state(lvm_t)
|
||||
|
Loading…
Reference in New Issue
Block a user