Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Signed-off-by: Dominick Grift <domg472@gmail.com> Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes.
This commit is contained in:
parent
59c0340548
commit
dcf87460eb
@ -722,6 +722,7 @@ template(`samba_helper_template',`
|
||||
gen_require(`
|
||||
type smbd_t;
|
||||
')
|
||||
|
||||
#This type is for samba helper scripts
|
||||
type samba_$1_script_t;
|
||||
domain_type(samba_$1_script_t)
|
||||
@ -734,7 +735,6 @@ template(`samba_helper_template',`
|
||||
|
||||
domtrans_pattern(smbd_t, samba_$1_script_exec_t, samba_$1_script_t)
|
||||
allow smbd_t samba_$1_script_exec_t:file ioctl;
|
||||
|
||||
')
|
||||
|
||||
########################################
|
||||
@ -760,16 +760,12 @@ interface(`samba_admin',`
|
||||
type smbd_t, smbd_tmp_t;
|
||||
type smbd_var_run_t;
|
||||
type samba_initrc_exec_t;
|
||||
|
||||
type samba_log_t, samba_var_t;
|
||||
type samba_etc_t, samba_share_t;
|
||||
type samba_secrets_t;
|
||||
|
||||
type swat_var_run_t, swat_tmp_t;
|
||||
|
||||
type winbind_var_run_t, winbind_tmp_t;
|
||||
type winbind_log_t;
|
||||
|
||||
type samba_unconfined_script_t, samba_unconfined_script_exec_t;
|
||||
')
|
||||
|
||||
@ -781,7 +777,7 @@ interface(`samba_admin',`
|
||||
|
||||
allow $1 samba_unconfined_script_t:process { ptrace signal_perms getattr };
|
||||
read_files_pattern($1, samba_unconfined_script_t, samba_unconfined_script_t)
|
||||
|
||||
|
||||
samba_run_smbcontrol($1, $2, $3)
|
||||
samba_run_winbind_helper($1, $2, $3)
|
||||
samba_run_smbmount($1, $2, $3)
|
||||
|
@ -58,17 +58,17 @@ interface(`sendmail_domtrans',`
|
||||
## Execute sendmail in the sendmail domain.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`sendmail_initrc_domtrans', `
|
||||
gen_require(`
|
||||
type sendmail_initrc_exec_t;
|
||||
')
|
||||
interface(`sendmail_initrc_domtrans',`
|
||||
gen_require(`
|
||||
type sendmail_initrc_exec_t;
|
||||
')
|
||||
|
||||
init_labeled_script_domtrans($1, sendmail_initrc_exec_t)
|
||||
init_labeled_script_domtrans($1, sendmail_initrc_exec_t)
|
||||
')
|
||||
|
||||
########################################
|
||||
|
@ -5,9 +5,9 @@
|
||||
## Execute a domain transition to run smokeping.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## <summary>
|
||||
## Domain allowed to transition.
|
||||
## </summary>
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`smokeping_domtrans',`
|
||||
|
@ -11,12 +11,12 @@
|
||||
## </param>
|
||||
#
|
||||
interface(`snmp_stream_connect',`
|
||||
gen_require(`
|
||||
gen_require(`
|
||||
type snmpd_t, snmpd_var_lib_t;
|
||||
')
|
||||
')
|
||||
|
||||
files_search_var_lib($1)
|
||||
stream_connect_pattern($1, snmpd_var_lib_t, snmpd_var_lib_t, snmpd_t)
|
||||
files_search_var_lib($1)
|
||||
stream_connect_pattern($1, snmpd_var_lib_t, snmpd_var_lib_t, snmpd_t)
|
||||
')
|
||||
|
||||
########################################
|
||||
@ -82,6 +82,7 @@ interface(`snmp_dontaudit_read_snmp_var_lib_files',`
|
||||
gen_require(`
|
||||
type snmpd_var_lib_t;
|
||||
')
|
||||
|
||||
dontaudit $1 snmpd_var_lib_t:dir list_dir_perms;
|
||||
dontaudit $1 snmpd_var_lib_t:file read_file_perms;
|
||||
dontaudit $1 snmpd_var_lib_t:lnk_file read_lnk_file_perms;
|
||||
|
@ -5,9 +5,9 @@
|
||||
## Execute a domain transition to run snort.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## <summary>
|
||||
## Domain allowed to transition.
|
||||
## </summary>
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`snort_domtrans',`
|
||||
|
@ -59,7 +59,6 @@ interface(`spamassassin_exec',`
|
||||
')
|
||||
|
||||
can_exec($1, spamassassin_exec_t)
|
||||
|
||||
')
|
||||
|
||||
########################################
|
||||
@ -318,7 +317,7 @@ interface(`spamassassin_spamd_admin',`
|
||||
|
||||
allow $1 spamd_t:process { ptrace signal_perms };
|
||||
ps_process_pattern($1, spamd_t)
|
||||
|
||||
|
||||
init_labeled_script_domtrans($1, spamd_initrc_exec_t)
|
||||
domain_system_change_exemption($1)
|
||||
role_transition $2 spamd_initrc_exec_t system_r;
|
||||
|
@ -32,7 +32,6 @@
|
||||
## </param>
|
||||
#
|
||||
template(`ssh_basic_client_template',`
|
||||
|
||||
gen_require(`
|
||||
attribute ssh_server;
|
||||
type ssh_exec_t, sshd_key_t, sshd_tmp_t;
|
||||
@ -167,7 +166,7 @@ template(`ssh_basic_client_template',`
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
template(`ssh_server_template', `
|
||||
template(`ssh_server_template',`
|
||||
type $1_t, ssh_server;
|
||||
auth_login_pgm_domain($1_t)
|
||||
|
||||
@ -305,7 +304,6 @@ template(`ssh_server_template', `
|
||||
template(`ssh_role_template',`
|
||||
gen_require(`
|
||||
attribute ssh_server, ssh_agent_type;
|
||||
|
||||
type ssh_t, ssh_exec_t, ssh_tmpfs_t, ssh_home_t;
|
||||
type ssh_agent_exec_t, ssh_keysign_t, ssh_tmpfs_t;
|
||||
type ssh_agent_tmp_t;
|
||||
@ -487,6 +485,7 @@ interface(`ssh_read_pipes',`
|
||||
|
||||
allow $1 sshd_t:fifo_file read_fifo_file_perms;
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Read and write a ssh server unnamed pipe.
|
||||
@ -592,7 +591,6 @@ interface(`ssh_domtrans',`
|
||||
domtrans_pattern($1, sshd_exec_t, sshd_t)
|
||||
')
|
||||
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Execute sshd server in the sshd domain.
|
||||
@ -780,4 +778,3 @@ interface(`ssh_signull',`
|
||||
|
||||
allow $1 sshd_t:process signull;
|
||||
')
|
||||
|
||||
|
@ -5,9 +5,9 @@
|
||||
## Execute a domain transition to run sssd.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## <summary>
|
||||
## Domain allowed to transition.
|
||||
## </summary>
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`sssd_domtrans',`
|
||||
|
@ -20,6 +20,6 @@ interface(`stunnel_service_domain',`
|
||||
type stunnel_t;
|
||||
')
|
||||
|
||||
domtrans_pattern(stunnel_t,$2,$1)
|
||||
domtrans_pattern(stunnel_t, $2, $1)
|
||||
allow $1 stunnel_t:tcp_socket rw_socket_perms;
|
||||
')
|
||||
|
@ -64,19 +64,19 @@ interface(`tftp_manage_rw_content',`
|
||||
## with specified types.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </summary>
|
||||
## </param>
|
||||
## <param name="file_type">
|
||||
## <summary>
|
||||
## <summary>
|
||||
## Private file type.
|
||||
## </summary>
|
||||
## </summary>
|
||||
## </param>
|
||||
## <param name="object_class">
|
||||
## <summary>
|
||||
## <summary>
|
||||
## Class of the object being created.
|
||||
## </summary>
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`tftp_filetrans_tftpdir',`
|
||||
|
@ -11,36 +11,36 @@
|
||||
|
||||
#####################################
|
||||
## <summary>
|
||||
## Allow read and write access to tgtd semaphores.
|
||||
## Allow read and write access to tgtd semaphores.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`tgtd_rw_semaphores',`
|
||||
gen_require(`
|
||||
type tgtd_t;
|
||||
')
|
||||
gen_require(`
|
||||
type tgtd_t;
|
||||
')
|
||||
|
||||
allow $1 tgtd_t:sem rw_sem_perms;
|
||||
allow $1 tgtd_t:sem rw_sem_perms;
|
||||
')
|
||||
|
||||
######################################
|
||||
## <summary>
|
||||
## Manage tgtd sempaphores.
|
||||
## Manage tgtd sempaphores.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`tgtd_manage_semaphores',`
|
||||
gen_require(`
|
||||
type tgtd_t;
|
||||
')
|
||||
gen_require(`
|
||||
type tgtd_t;
|
||||
')
|
||||
|
||||
allow $1 tgtd_t:sem create_sem_perms;
|
||||
allow $1 tgtd_t:sem create_sem_perms;
|
||||
')
|
||||
|
@ -5,9 +5,9 @@
|
||||
## Execute a domain transition to run tuned.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## <summary>
|
||||
## Domain allowed to transition.
|
||||
## </summary>
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`tuned_domtrans',`
|
||||
|
@ -20,7 +20,7 @@
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`ucspitcp_service_domain', `
|
||||
interface(`ucspitcp_service_domain',`
|
||||
gen_require(`
|
||||
type ucspitcp_t;
|
||||
role system_r;
|
||||
|
@ -5,9 +5,9 @@
|
||||
## Execute a domain transition to run ulogd.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## <summary>
|
||||
## Domain allowed to transition.
|
||||
## </summary>
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`ulogd_domtrans',`
|
||||
@ -65,9 +65,9 @@ interface(`ulogd_read_log',`
|
||||
## Allow the specified domain to search ulogd's log files.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`ulogd_search_log',`
|
||||
|
@ -5,9 +5,9 @@
|
||||
## Execute a domain transition to run usbmuxd.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## <summary>
|
||||
## Domain allowed to transition.
|
||||
## </summary>
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`usbmuxd_domtrans',`
|
||||
|
@ -21,7 +21,7 @@ interface(`varnishd_domtrans',`
|
||||
|
||||
#######################################
|
||||
## <summary>
|
||||
## Execute varnishd
|
||||
## Execute varnishd
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
@ -61,18 +61,18 @@ interface(`varnishd_read_config',`
|
||||
## Read varnish lib files.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`varnishd_read_lib_files',`
|
||||
gen_require(`
|
||||
type varnishd_var_lib_t;
|
||||
')
|
||||
gen_require(`
|
||||
type varnishd_var_lib_t;
|
||||
')
|
||||
|
||||
files_search_var_lib($1)
|
||||
read_files_pattern($1, varnishd_var_lib_t, varnishd_var_lib_t)
|
||||
files_search_var_lib($1)
|
||||
read_files_pattern($1, varnishd_var_lib_t, varnishd_var_lib_t)
|
||||
')
|
||||
|
||||
#######################################
|
||||
@ -165,11 +165,10 @@ interface(`varnishd_admin_varnishlog',`
|
||||
allow $2 system_r;
|
||||
|
||||
files_search_pids($1)
|
||||
admin_pattern($1, varnishlog_var_run_t)
|
||||
admin_pattern($1, varnishlog_var_run_t)
|
||||
|
||||
logging_list_logs($1)
|
||||
admin_pattern($1, varnishlog_log_t)
|
||||
|
||||
')
|
||||
|
||||
#######################################
|
||||
@ -192,7 +191,7 @@ interface(`varnishd_admin_varnishlog',`
|
||||
interface(`varnishd_admin',`
|
||||
gen_require(`
|
||||
type varnishd_t, varnishd_var_lib_t, varnishd_etc_t;
|
||||
type varnishd_var_run_t, varnishd_tmp_t;
|
||||
type varnishd_var_run_t, varnishd_tmp_t;
|
||||
type varnishd_initrc_exec_t;
|
||||
')
|
||||
|
||||
@ -215,5 +214,4 @@ interface(`varnishd_admin',`
|
||||
|
||||
files_search_tmp($1)
|
||||
admin_pattern($1, varnishd_tmp_t)
|
||||
|
||||
')
|
||||
|
@ -5,9 +5,9 @@
|
||||
## Execute a domain transition to run vhostmd.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## <summary>
|
||||
## Domain allowed to transition.
|
||||
## </summary>
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`vhostmd_domtrans',`
|
||||
@ -147,7 +147,7 @@ interface(`vhostmd_manage_pid_files',`
|
||||
')
|
||||
|
||||
files_search_pids($1)
|
||||
manage_files_pattern($1, vhostmd_var_run_t, vhostmd_var_run_t)
|
||||
manage_files_pattern($1, vhostmd_var_run_t, vhostmd_var_run_t)
|
||||
')
|
||||
|
||||
########################################
|
||||
@ -221,5 +221,4 @@ interface(`vhostmd_admin',`
|
||||
vhostmd_manage_tmpfs_files($1)
|
||||
|
||||
vhostmd_manage_pid_files($1)
|
||||
|
||||
')
|
||||
|
@ -91,9 +91,9 @@ interface(`virt_image',`
|
||||
## Execute a domain transition to run virt.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## <summary>
|
||||
## Domain allowed to transition.
|
||||
## </summary>
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`virt_domtrans',`
|
||||
@ -380,9 +380,9 @@ interface(`virt_read_log',`
|
||||
## virt log files.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`virt_append_log',`
|
||||
|
Loading…
Reference in New Issue
Block a user