Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Signed-off-by: Dominick Grift <domg472@gmail.com> Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes.
This commit is contained in:
parent
59c0340548
commit
dcf87460eb
@ -722,6 +722,7 @@ template(`samba_helper_template',`
|
|||||||
gen_require(`
|
gen_require(`
|
||||||
type smbd_t;
|
type smbd_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
#This type is for samba helper scripts
|
#This type is for samba helper scripts
|
||||||
type samba_$1_script_t;
|
type samba_$1_script_t;
|
||||||
domain_type(samba_$1_script_t)
|
domain_type(samba_$1_script_t)
|
||||||
@ -734,7 +735,6 @@ template(`samba_helper_template',`
|
|||||||
|
|
||||||
domtrans_pattern(smbd_t, samba_$1_script_exec_t, samba_$1_script_t)
|
domtrans_pattern(smbd_t, samba_$1_script_exec_t, samba_$1_script_t)
|
||||||
allow smbd_t samba_$1_script_exec_t:file ioctl;
|
allow smbd_t samba_$1_script_exec_t:file ioctl;
|
||||||
|
|
||||||
')
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
@ -760,16 +760,12 @@ interface(`samba_admin',`
|
|||||||
type smbd_t, smbd_tmp_t;
|
type smbd_t, smbd_tmp_t;
|
||||||
type smbd_var_run_t;
|
type smbd_var_run_t;
|
||||||
type samba_initrc_exec_t;
|
type samba_initrc_exec_t;
|
||||||
|
|
||||||
type samba_log_t, samba_var_t;
|
type samba_log_t, samba_var_t;
|
||||||
type samba_etc_t, samba_share_t;
|
type samba_etc_t, samba_share_t;
|
||||||
type samba_secrets_t;
|
type samba_secrets_t;
|
||||||
|
|
||||||
type swat_var_run_t, swat_tmp_t;
|
type swat_var_run_t, swat_tmp_t;
|
||||||
|
|
||||||
type winbind_var_run_t, winbind_tmp_t;
|
type winbind_var_run_t, winbind_tmp_t;
|
||||||
type winbind_log_t;
|
type winbind_log_t;
|
||||||
|
|
||||||
type samba_unconfined_script_t, samba_unconfined_script_exec_t;
|
type samba_unconfined_script_t, samba_unconfined_script_exec_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
|
@ -58,17 +58,17 @@ interface(`sendmail_domtrans',`
|
|||||||
## Execute sendmail in the sendmail domain.
|
## Execute sendmail in the sendmail domain.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed access.
|
## Domain allowed access.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`sendmail_initrc_domtrans', `
|
interface(`sendmail_initrc_domtrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type sendmail_initrc_exec_t;
|
type sendmail_initrc_exec_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
init_labeled_script_domtrans($1, sendmail_initrc_exec_t)
|
init_labeled_script_domtrans($1, sendmail_initrc_exec_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
|
@ -5,9 +5,9 @@
|
|||||||
## Execute a domain transition to run smokeping.
|
## Execute a domain transition to run smokeping.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed to transition.
|
## Domain allowed to transition.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`smokeping_domtrans',`
|
interface(`smokeping_domtrans',`
|
||||||
|
@ -11,12 +11,12 @@
|
|||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`snmp_stream_connect',`
|
interface(`snmp_stream_connect',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type snmpd_t, snmpd_var_lib_t;
|
type snmpd_t, snmpd_var_lib_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
files_search_var_lib($1)
|
files_search_var_lib($1)
|
||||||
stream_connect_pattern($1, snmpd_var_lib_t, snmpd_var_lib_t, snmpd_t)
|
stream_connect_pattern($1, snmpd_var_lib_t, snmpd_var_lib_t, snmpd_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
@ -82,6 +82,7 @@ interface(`snmp_dontaudit_read_snmp_var_lib_files',`
|
|||||||
gen_require(`
|
gen_require(`
|
||||||
type snmpd_var_lib_t;
|
type snmpd_var_lib_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
dontaudit $1 snmpd_var_lib_t:dir list_dir_perms;
|
dontaudit $1 snmpd_var_lib_t:dir list_dir_perms;
|
||||||
dontaudit $1 snmpd_var_lib_t:file read_file_perms;
|
dontaudit $1 snmpd_var_lib_t:file read_file_perms;
|
||||||
dontaudit $1 snmpd_var_lib_t:lnk_file read_lnk_file_perms;
|
dontaudit $1 snmpd_var_lib_t:lnk_file read_lnk_file_perms;
|
||||||
|
@ -5,9 +5,9 @@
|
|||||||
## Execute a domain transition to run snort.
|
## Execute a domain transition to run snort.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed to transition.
|
## Domain allowed to transition.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`snort_domtrans',`
|
interface(`snort_domtrans',`
|
||||||
|
@ -59,7 +59,6 @@ interface(`spamassassin_exec',`
|
|||||||
')
|
')
|
||||||
|
|
||||||
can_exec($1, spamassassin_exec_t)
|
can_exec($1, spamassassin_exec_t)
|
||||||
|
|
||||||
')
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
|
@ -32,7 +32,6 @@
|
|||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
template(`ssh_basic_client_template',`
|
template(`ssh_basic_client_template',`
|
||||||
|
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ssh_server;
|
attribute ssh_server;
|
||||||
type ssh_exec_t, sshd_key_t, sshd_tmp_t;
|
type ssh_exec_t, sshd_key_t, sshd_tmp_t;
|
||||||
@ -167,7 +166,7 @@ template(`ssh_basic_client_template',`
|
|||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
template(`ssh_server_template', `
|
template(`ssh_server_template',`
|
||||||
type $1_t, ssh_server;
|
type $1_t, ssh_server;
|
||||||
auth_login_pgm_domain($1_t)
|
auth_login_pgm_domain($1_t)
|
||||||
|
|
||||||
@ -305,7 +304,6 @@ template(`ssh_server_template', `
|
|||||||
template(`ssh_role_template',`
|
template(`ssh_role_template',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
attribute ssh_server, ssh_agent_type;
|
attribute ssh_server, ssh_agent_type;
|
||||||
|
|
||||||
type ssh_t, ssh_exec_t, ssh_tmpfs_t, ssh_home_t;
|
type ssh_t, ssh_exec_t, ssh_tmpfs_t, ssh_home_t;
|
||||||
type ssh_agent_exec_t, ssh_keysign_t, ssh_tmpfs_t;
|
type ssh_agent_exec_t, ssh_keysign_t, ssh_tmpfs_t;
|
||||||
type ssh_agent_tmp_t;
|
type ssh_agent_tmp_t;
|
||||||
@ -487,6 +485,7 @@ interface(`ssh_read_pipes',`
|
|||||||
|
|
||||||
allow $1 sshd_t:fifo_file read_fifo_file_perms;
|
allow $1 sshd_t:fifo_file read_fifo_file_perms;
|
||||||
')
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Read and write a ssh server unnamed pipe.
|
## Read and write a ssh server unnamed pipe.
|
||||||
@ -592,7 +591,6 @@ interface(`ssh_domtrans',`
|
|||||||
domtrans_pattern($1, sshd_exec_t, sshd_t)
|
domtrans_pattern($1, sshd_exec_t, sshd_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Execute sshd server in the sshd domain.
|
## Execute sshd server in the sshd domain.
|
||||||
@ -780,4 +778,3 @@ interface(`ssh_signull',`
|
|||||||
|
|
||||||
allow $1 sshd_t:process signull;
|
allow $1 sshd_t:process signull;
|
||||||
')
|
')
|
||||||
|
|
||||||
|
@ -5,9 +5,9 @@
|
|||||||
## Execute a domain transition to run sssd.
|
## Execute a domain transition to run sssd.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed to transition.
|
## Domain allowed to transition.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`sssd_domtrans',`
|
interface(`sssd_domtrans',`
|
||||||
|
@ -20,6 +20,6 @@ interface(`stunnel_service_domain',`
|
|||||||
type stunnel_t;
|
type stunnel_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
domtrans_pattern(stunnel_t,$2,$1)
|
domtrans_pattern(stunnel_t, $2, $1)
|
||||||
allow $1 stunnel_t:tcp_socket rw_socket_perms;
|
allow $1 stunnel_t:tcp_socket rw_socket_perms;
|
||||||
')
|
')
|
||||||
|
@ -64,19 +64,19 @@ interface(`tftp_manage_rw_content',`
|
|||||||
## with specified types.
|
## with specified types.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed access.
|
## Domain allowed access.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
## <param name="file_type">
|
## <param name="file_type">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Private file type.
|
## Private file type.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
## <param name="object_class">
|
## <param name="object_class">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Class of the object being created.
|
## Class of the object being created.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`tftp_filetrans_tftpdir',`
|
interface(`tftp_filetrans_tftpdir',`
|
||||||
|
@ -11,36 +11,36 @@
|
|||||||
|
|
||||||
#####################################
|
#####################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Allow read and write access to tgtd semaphores.
|
## Allow read and write access to tgtd semaphores.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed access.
|
## Domain allowed access.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`tgtd_rw_semaphores',`
|
interface(`tgtd_rw_semaphores',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tgtd_t;
|
type tgtd_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
allow $1 tgtd_t:sem rw_sem_perms;
|
allow $1 tgtd_t:sem rw_sem_perms;
|
||||||
')
|
')
|
||||||
|
|
||||||
######################################
|
######################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Manage tgtd sempaphores.
|
## Manage tgtd sempaphores.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed access.
|
## Domain allowed access.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`tgtd_manage_semaphores',`
|
interface(`tgtd_manage_semaphores',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type tgtd_t;
|
type tgtd_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
allow $1 tgtd_t:sem create_sem_perms;
|
allow $1 tgtd_t:sem create_sem_perms;
|
||||||
')
|
')
|
||||||
|
@ -5,9 +5,9 @@
|
|||||||
## Execute a domain transition to run tuned.
|
## Execute a domain transition to run tuned.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed to transition.
|
## Domain allowed to transition.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`tuned_domtrans',`
|
interface(`tuned_domtrans',`
|
||||||
|
@ -20,7 +20,7 @@
|
|||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`ucspitcp_service_domain', `
|
interface(`ucspitcp_service_domain',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type ucspitcp_t;
|
type ucspitcp_t;
|
||||||
role system_r;
|
role system_r;
|
||||||
|
@ -5,9 +5,9 @@
|
|||||||
## Execute a domain transition to run ulogd.
|
## Execute a domain transition to run ulogd.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed to transition.
|
## Domain allowed to transition.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`ulogd_domtrans',`
|
interface(`ulogd_domtrans',`
|
||||||
@ -65,9 +65,9 @@ interface(`ulogd_read_log',`
|
|||||||
## Allow the specified domain to search ulogd's log files.
|
## Allow the specified domain to search ulogd's log files.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed access.
|
## Domain allowed access.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`ulogd_search_log',`
|
interface(`ulogd_search_log',`
|
||||||
|
@ -5,9 +5,9 @@
|
|||||||
## Execute a domain transition to run usbmuxd.
|
## Execute a domain transition to run usbmuxd.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed to transition.
|
## Domain allowed to transition.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`usbmuxd_domtrans',`
|
interface(`usbmuxd_domtrans',`
|
||||||
|
@ -61,18 +61,18 @@ interface(`varnishd_read_config',`
|
|||||||
## Read varnish lib files.
|
## Read varnish lib files.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed access.
|
## Domain allowed access.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`varnishd_read_lib_files',`
|
interface(`varnishd_read_lib_files',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type varnishd_var_lib_t;
|
type varnishd_var_lib_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
files_search_var_lib($1)
|
files_search_var_lib($1)
|
||||||
read_files_pattern($1, varnishd_var_lib_t, varnishd_var_lib_t)
|
read_files_pattern($1, varnishd_var_lib_t, varnishd_var_lib_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
#######################################
|
#######################################
|
||||||
@ -165,11 +165,10 @@ interface(`varnishd_admin_varnishlog',`
|
|||||||
allow $2 system_r;
|
allow $2 system_r;
|
||||||
|
|
||||||
files_search_pids($1)
|
files_search_pids($1)
|
||||||
admin_pattern($1, varnishlog_var_run_t)
|
admin_pattern($1, varnishlog_var_run_t)
|
||||||
|
|
||||||
logging_list_logs($1)
|
logging_list_logs($1)
|
||||||
admin_pattern($1, varnishlog_log_t)
|
admin_pattern($1, varnishlog_log_t)
|
||||||
|
|
||||||
')
|
')
|
||||||
|
|
||||||
#######################################
|
#######################################
|
||||||
@ -215,5 +214,4 @@ interface(`varnishd_admin',`
|
|||||||
|
|
||||||
files_search_tmp($1)
|
files_search_tmp($1)
|
||||||
admin_pattern($1, varnishd_tmp_t)
|
admin_pattern($1, varnishd_tmp_t)
|
||||||
|
|
||||||
')
|
')
|
||||||
|
@ -5,9 +5,9 @@
|
|||||||
## Execute a domain transition to run vhostmd.
|
## Execute a domain transition to run vhostmd.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed to transition.
|
## Domain allowed to transition.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`vhostmd_domtrans',`
|
interface(`vhostmd_domtrans',`
|
||||||
@ -147,7 +147,7 @@ interface(`vhostmd_manage_pid_files',`
|
|||||||
')
|
')
|
||||||
|
|
||||||
files_search_pids($1)
|
files_search_pids($1)
|
||||||
manage_files_pattern($1, vhostmd_var_run_t, vhostmd_var_run_t)
|
manage_files_pattern($1, vhostmd_var_run_t, vhostmd_var_run_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
@ -221,5 +221,4 @@ interface(`vhostmd_admin',`
|
|||||||
vhostmd_manage_tmpfs_files($1)
|
vhostmd_manage_tmpfs_files($1)
|
||||||
|
|
||||||
vhostmd_manage_pid_files($1)
|
vhostmd_manage_pid_files($1)
|
||||||
|
|
||||||
')
|
')
|
||||||
|
@ -91,9 +91,9 @@ interface(`virt_image',`
|
|||||||
## Execute a domain transition to run virt.
|
## Execute a domain transition to run virt.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed to transition.
|
## Domain allowed to transition.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`virt_domtrans',`
|
interface(`virt_domtrans',`
|
||||||
@ -380,9 +380,9 @@ interface(`virt_read_log',`
|
|||||||
## virt log files.
|
## virt log files.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed access.
|
## Domain allowed access.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`virt_append_log',`
|
interface(`virt_append_log',`
|
||||||
|
Loading…
Reference in New Issue
Block a user