Access to get attributes of target accountsd_t domain is included with ps_process_pattern.
Permission to get attributes of target arpwatch_t domain is included with ps_process_pattern. Access to get attributes of target asterisk_t domain is included with ps_process_pattern. Permission to get attributes of target automount_t domain is included with ps_process_pattern. Access to get attributes of target ntpd_t domain is included with ps_process_pattern. Signed-off-by: Dominick Grift <domg472@gmail.com>
This commit is contained in:
Dominick Grift
parent
b6d0a79f2c
commit
dcbbeeada3
@ -138,7 +138,7 @@ interface(`accountsd_admin',`
|
|||||||
type accountsd_t;
|
type accountsd_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
allow $1 accountsd_t:process { ptrace signal_perms getattr };
|
allow $1 accountsd_t:process { ptrace signal_perms };
|
||||||
ps_process_pattern($1, accountsd_t)
|
ps_process_pattern($1, accountsd_t)
|
||||||
|
|
||||||
accountsd_manage_lib_files($1)
|
accountsd_manage_lib_files($1)
|
||||||
|
|||||||
@ -137,7 +137,7 @@ interface(`arpwatch_admin',`
|
|||||||
type arpwatch_initrc_exec_t;
|
type arpwatch_initrc_exec_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
allow $1 arpwatch_t:process { ptrace signal_perms getattr };
|
allow $1 arpwatch_t:process { ptrace signal_perms };
|
||||||
ps_process_pattern($1, arpwatch_t)
|
ps_process_pattern($1, arpwatch_t)
|
||||||
|
|
||||||
arpwatch_initrc_domtrans($1)
|
arpwatch_initrc_domtrans($1)
|
||||||
|
|||||||
@ -64,7 +64,7 @@ interface(`asterisk_admin',`
|
|||||||
type asterisk_initrc_exec_t;
|
type asterisk_initrc_exec_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
allow $1 asterisk_t:process { ptrace signal_perms getattr };
|
allow $1 asterisk_t:process { ptrace signal_perms };
|
||||||
ps_process_pattern($1, asterisk_t)
|
ps_process_pattern($1, asterisk_t)
|
||||||
|
|
||||||
init_labeled_script_domtrans($1, asterisk_initrc_exec_t)
|
init_labeled_script_domtrans($1, asterisk_initrc_exec_t)
|
||||||
|
|||||||
@ -150,7 +150,7 @@ interface(`automount_admin',`
|
|||||||
type automount_var_run_t, automount_initrc_exec_t;
|
type automount_var_run_t, automount_initrc_exec_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
allow $1 automount_t:process { ptrace signal_perms getattr };
|
allow $1 automount_t:process { ptrace signal_perms };
|
||||||
ps_process_pattern($1, automount_t)
|
ps_process_pattern($1, automount_t)
|
||||||
|
|
||||||
init_labeled_script_domtrans($1, automount_initrc_exec_t)
|
init_labeled_script_domtrans($1, automount_initrc_exec_t)
|
||||||
|
|||||||
@ -144,7 +144,7 @@ interface(`ntp_admin',`
|
|||||||
type ntpd_initrc_exec_t;
|
type ntpd_initrc_exec_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
allow $1 ntpd_t:process { ptrace signal_perms getattr };
|
allow $1 ntpd_t:process { ptrace signal_perms };
|
||||||
ps_process_pattern($1, ntpd_t)
|
ps_process_pattern($1, ntpd_t)
|
||||||
|
|
||||||
init_labeled_script_domtrans($1, ntpd_initrc_exec_t)
|
init_labeled_script_domtrans($1, ntpd_initrc_exec_t)
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user