## ## Policy for filesystems. ######################################## # # fs_make_fs(type) # define(`fs_make_fs',` requires_block_template(`$0'_depend) typeattribute $1 fs_type; ') define(`fs_make_fs_depend',` attribute fs_type; ') ######################################## # # fs_associate(type) # define(`fs_associate',` requires_block_template(`$0'_depend) allow $1 fs_t:filesystem associate; ') define(`fs_associate_depend',` type fs_t; class filesystem associate; ') ######################################## # # fs_noxattr_associate(type) # define(`fs_noxattr_associate',` requires_block_template(`$0'_depend) allow $1 autofs_t:filesystem associate; allow $1 cifs_t:filesystem associate; allow $1 dosfs_t:filesystem associate; allow $1 iso9660_t:filesystem associate; allow $1 nfs_t:filesystem associate; allow $1 removable_t:filesystem associate; allow $1 usbfs_t:filesystem associate; ') define(`fs_noxattr_associate_depend',` type fs_t, nfs_t, cifs_t, dosfs_t, iso9660_t, autofs_t, usbfs_t, removable_t; class filesystem associate; ') ######################################## # # fs_mount_persistent_fs(domain) # define(`fs_mount_persistent_fs',` requires_block_template(`$0'_depend) allow $1 fs_t:filesystem mount; ') define(`fs_mount_persistent_fs_depend',` type fs_t; class filesystem mount; ') ######################################## # # fs_remount_persistent_fs(domain) # define(`fs_remount_persistent_fs',` requires_block_template(`$0'_depend) allow $1 fs_t:filesystem remount; ') define(`fs_remount_persistent_fs_depend',` type fs_t; class filesystem remount; ') ######################################## # # fs_unmount_persistent_fs(domain) # define(`fs_unmount_persistent_fs',` requires_block_template(`$0'_depend) allow $1 fs_t:filesystem mount; ') define(`fs_unmount_persistent_fs_depend',` type fs_t; class filesystem unmount; ') ######################################## # # fs_get_persistent_fs_attributes(domain) # define(`fs_get_persistent_fs_attributes',` requires_block_template(`$0'_depend) allow $1 fs_t:filesystem getattr; ') define(`fs_get_persistent_fs_attributes_depend',` type fs_t; class filesystem getattr; ') ######################################## # # fs_ignore_get_persistent_fs_attributes(domain) # define(`fs_ignore_get_persistent_fs_attributes',` requires_block_template(`$0'_depend) dontaudit $1 fs_t:filesystem getattr; ') define(`fs_ignore_get_persistent_fs_attributes_depend',` type fs_t; class filesystem getattr; ') ######################################## # # fs_relabelfrom_persistent_fs(domain) # define(`fs_relabelfrom_persistent_fs',` requires_block_template(`$0'_depend) allow $1 fs_t:filesystem relabelfrom; ') define(`fs_relabelfrom_persistent_fs_depend',` type fs_t; class filesystem relabelfrom; ') ######################################## # # fs_mount_automount_fs(domain) # define(`fs_mount_automount_fs',` requires_block_template(`$0'_depend) allow $1 autofs_t:filesystem mount; ') define(`fs_mount_automount_fs_depend',` type autofs_t; class filesystem mount; ') ######################################## # # fs_remount_automount_fs(domain) # define(`fs_remount_automount_fs',` requires_block_template(`$0'_depend) allow $1 autofs_t:filesystem remount; ') define(`fs_remount_automount_fs_depend',` type autofs_t; class filesystem remount; ') ######################################## # # fs_unmount_automount_fs(domain) # define(`fs_unmount_automount_fs',` requires_block_template(`$0'_depend) allow $1 autofs_t:filesystem mount; ') define(`fs_unmount_automount_fs_depend',` type autofs_t; class filesystem unmount; ') ######################################## # # fs_get_automount_fs_attributes(domain) # define(`fs_get_automount_fs_attributes',` requires_block_template(`$0'_depend) allow $1 autofs_t:filesystem getattr; ') define(`fs_get_automount_fs_attributes_depend',` type autofs_t; class filesystem getattr; ') ######################################## # # fs_register_binary_executable_type(domain) # define(`fs_register_binary_executable_type',` requires_block_template(`$0'_depend) allow $1 binfmt_misc_fs_t:dir { getattr search }; allow $1 binfmt_misc_fs_t:file { getattr ioctl write }; ') define(`fs_register_binary_executable_type_depend',` type binfmt_misc_fs_t; class dir { getattr search }; class file { getattr ioctl write }; ') ######################################## # # fs_mount_windows_network_fs(domain) # define(`fs_mount_windows_network_fs',` requires_block_template(`$0'_depend) allow $1 cifs_t:filesystem mount; ') define(`fs_mount_windows_network_fs_depend',` type cifs_t; class filesystem mount; ') ######################################## # # fs_remount_windows_network_fs(domain) # define(`fs_remount_windows_network_fs',` requires_block_template(`$0'_depend) allow $1 cifs_t:filesystem remount; ') define(`fs_remount_windows_network_fs_depend',` type cifs_t; class filesystem remount; ') ######################################## # # fs_unmount_windows_network_fs(domain) # define(`fs_unmount_windows_network_fs',` requires_block_template(`$0'_depend) allow $1 cifs_t:filesystem mount; ') define(`fs_unmount_windows_network_fs_depend',` type cifs_t; class filesystem unmount; ') ######################################## # # fs_get_windows_network_fs_attributes(domain) # define(`fs_get_windows_network_fs_attributes',` requires_block_template(`$0'_depend) allow $1 cifs_t:filesystem getattr; ') define(`fs_get_windows_network_fs_attributes_depend',` type cifs_t; class filesystem getattr; ') ######################################## # # fs_execute_windows_network_files(domain) # define(`fs_execute_windows_network_files',` requires_block_template(`$0'_depend) allow $1 cifs_t:dir r_dir_perms; allow $1 cifs_t:file { getattr read execute execute_no_trans }; ') define(`fs_execute_windows_network_files_depend',` type cifs_t; class dir r_dir_perms; class file { getattr read execute execute_no_trans }; ') ######################################## # # fs_manage_windows_network_directories(domain) # define(`fs_manage_windows_network_directories',` requires_block_template(`$0'_depend) allow $1 cifs_t:dir create_file_perms; ') define(`fs_manage_windows_network_directories_depend',` type cifs_t; class dir create_file_perms; ') ######################################## # # fs_manage_windows_network_files(domain) # define(`fs_manage_windows_network_files',` requires_block_template(`$0'_depend) allow $1 cifs_t:dir rw_dir_perms; allow $1 cifs_t:file create_file_perms; ') define(`fs_manage_windows_network_files_depend',` type cifs_t; class dir rw_dir_perms; class file create_file_perms; ') ######################################## # # fs_manage_windows_network_symbolic_links(domain) # define(`fs_manage_windows_network_symbolic_links',` requires_block_template(`$0'_depend) allow $1 cifs_t:dir rw_dir_perms; allow $1 cifs_t:lnk_file create_lnk_perms; ') define(`fs_manage_windows_network_symbolic_links_depend',` type cifs_t; class dir rw_dir_perms; class lnk_file create_lnk_perms; ') ######################################## # # fs_manage_windows_network_named_pipes(domain) # define(`fs_manage_windows_network_named_pipes',` requires_block_template(`$0'_depend) allow $1 cifs_t:dir rw_dir_perms; allow $1 cifs_t:fifo_file create_file_perms; ') define(`fs_manage_windows_network_named_pipes_depend',` type cifs_t; class dir rw_dir_perms; class fifo_file create_file_perms; ') ######################################## # # fs_manage_windows_network_named_sockets(domain) # define(`fs_manage_windows_network_named_sockets',` requires_block_template(`$0'_depend) allow $1 cifs_t:dir rw_file_perms; allow $1 cifs_t:sock_file create_file_perms; ') define(`fs_manage_windows_network_named_sockets_depend',` type cifs_t; class dir rw_dir_perms; class sock_file create_file_perms; ') ######################################## # # fs_mount_dos_fs(domain) # define(`fs_mount_dos_fs',` requires_block_template(`$0'_depend) allow $1 dosfs_t:filesystem mount; ') define(`fs_mount_dos_fs_depend',` type dosfs_t; class filesystem mount; ') ######################################## # # fs_remount_dos_fs(domain) # define(`fs_remount_dos_fs',` requires_block_template(`$0'_depend) allow $1 dosfs_t:filesystem remount; ') define(`fs_remount_dos_fs_depend',` type dosfs_t; class filesystem remount; ') ######################################## # # fs_unmount_dos_fs(domain) # define(`fs_unmount_dos_fs',` requires_block_template(`$0'_depend) allow $1 dosfs_t:filesystem mount; ') define(`fs_unmount_dos_fs_depend',` type dosfs_t; class filesystem unmount; ') ######################################## # # fs_get_dos_fs_attributes(domain) # define(`fs_get_dos_fs_attributes',` requires_block_template(`$0'_depend) allow $1 dosfs_t:filesystem getattr; ') define(`fs_get_dos_fs_attributes_depend',` type dosfs_t; class filesystem getattr; ') ######################################## # # fs_relabelfrom_dos_fs(domain) # define(`fs_relabelfrom_dos_fs',` requires_block_template(`$0'_depend) allow $1 dosfs_t:filesystem relabelfrom; ') define(`fs_relabelfrom_dos_fs_depend',` type dosfs_t; class filesystem relabelfrom; ') ######################################## # # fs_mount_cd_fs(domain) # define(`fs_mount_cd_fs',` requires_block_template(`$0'_depend) allow $1 iso9660_t:filesystem mount; ') define(`fs_mount_cd_fs_depend',` type iso9660_t; class filesystem mount; ') ######################################## # # fs_remount_cd_fs(domain) # define(`fs_remount_cd_fs',` requires_block_template(`$0'_depend) allow $1 iso9660_t:filesystem remount; ') define(`fs_remount_cd_fs_depend',` type iso9660_t; class filesystem remount; ') ######################################## # # fs_unmount_cd_fs(domain) # define(`fs_unmount_cd_fs',` requires_block_template(`$0'_depend) allow $1 iso9660_t:filesystem mount; ') define(`fs_unmount_cd_fs_depend',` type iso9660_t; class filesystem unmount; ') ######################################## # # fs_get_cd_fs_attributes(domain) # define(`fs_get_cd_fs_attributes',` requires_block_template(`$0'_depend) allow $1 iso9660_t:filesystem getattr; ') define(`fs_get_cd_fs_attributes_depend',` type iso9660_t; class filesystem getattr; ') ######################################## # # fs_mount_nfs_fs(domain) # define(`fs_mount_nfs_fs',` requires_block_template(`$0'_depend) allow $1 nfs_t:filesystem mount; ') define(`fs_mount_nfs_fs_depend',` type nfs_t; class filesystem mount; ') ######################################## # # fs_remount_nfs_fs(domain) # define(`fs_remount_nfs_fs',` requires_block_template(`$0'_depend) allow $1 nfs_t:filesystem remount; ') define(`fs_remount_nfs_fs_depend',` type nfs_t; class filesystem remount; ') ######################################## # # fs_unmount_nfs_fs(domain) # define(`fs_unmount_nfs_fs',` requires_block_template(`$0'_depend) allow $1 nfs_t:filesystem mount; ') define(`fs_unmount_nfs_fs_depend',` type nfs_t; class filesystem unmount; ') ######################################## # # fs_get_nfs_fs_attributes(domain) # define(`fs_get_nfs_fs_attributes',` requires_block_template(`$0'_depend) allow $1 nfs_t:filesystem getattr; ') define(`fs_get_nfs_fs_attributes_depend',` type nfs_t; class filesystem getattr; ') ######################################## # # fs_execute_nfs_files(domain) # define(`fs_execute_nfs_files',` requires_block_template(`$0'_depend) allow $1 nfs_t:dir r_dir_perms; allow $1 nfs_t:file { getattr read execute execute_no_trans }; ') define(`fs_execute_nfs_files_depend',` type nfs_t; class dir r_dir_perms; class file { getattr read execute execute_no_trans }; ') ######################################## # # fs_manage_nfs_directories(domain) # define(`fs_manage_nfs_directories',` requires_block_template(`$0'_depend) allow $1 nfs_t:dir create_dir_perms; ') define(`fs_manage_nfs_directories_depend',` type nfs_t; class dir create_dir_perms; ') ######################################## # # fs_manage_nfs_files(domain) # define(`fs_manage_nfs_files',` requires_block_template(`$0'_depend) allow $1 nfs_t:dir rw_dir_perms; allow $1 nfs_t:file create_file_perms; ') define(`fs_manage_nfs_files_depend',` type nfs_t; class dir rw_dir_perms; class file create_file_perms; ') ######################################## # # fs_manage_nfs_symbolic_links(domain) # define(`fs_manage_nfs_symbolic_links',` requires_block_template(`$0'_depend) allow $1 nfs_t:dir rw_dir_perms; allow $1 nfs_t:lnk_file create_lnk_perms; ') define(`fs_manage_nfs_symbolic_links_depend',` type nfs_t; class dir r_dir_perms; class lnk_file create_lnk_perms; ') ######################################## # # fs_manage_nfs_named_pipes(domain) # define(`fs_manage_nfs_named_pipes',` requires_block_template(`$0'_depend) allow $1 nfs_t:dir rw_dir_perms; allow $1 nfs_t:fifo_file create_file_perms; ') define(`fs_manage_nfs_named_pipes_depend',` type nfs_t; class dir { getattr search read write add_name remove_name }; class fifo_file { create ioctl read getattr lock write setattr append link unlink rename }; ') ######################################## # # fs_manage_nfs_named_sockets(domain) # define(`fs_manage_nfs_named_sockets',` requires_block_template(`$0'_depend) allow $1 nfs_t:dir rw_dir_perms; allow $1 nfs_t:sock_file create_file_perms; ') define(`fs_manage_nfs_named_sockets_depend',` type nfs_t; class dir rw_dir_perms; class sock_file create_file_perms; ') ######################################## # # fs_mount_nfsd_fs(domain) # define(`fs_mount_nfsd_fs',` requires_block_template(`$0'_depend) allow $1 nfsd_fs_t:filesystem mount; ') define(`fs_mount_nfsd_fs_depend',` type nfsd_fs_t; class filesystem mount; ') ######################################## # # fs_remount_nfsd_fs(domain) # define(`fs_remount_nfsd_fs',` requires_block_template(`$0'_depend) allow $1 nfsd_fs_t:filesystem remount; ') define(`fs_remount_nfsd_fs_depend',` type nfsd_fs_t; class filesystem remount; ') ######################################## # # fs_unmount_nfsd_fs(domain) # define(`fs_unmount_nfsd_fs',` requires_block_template(`$0'_depend) allow $1 nfsd_fs_t:filesystem mount; ') define(`fs_unmount_nfsd_fs_depend',` type nfsd_fs_t; class filesystem unmount; ') ######################################## # # fs_get_nfsd_fs_attributes(domain) # define(`fs_get_nfsd_fs_attributes',` requires_block_template(`$0'_depend) allow $1 nfsd_fs_t:filesystem getattr; ') define(`fs_get_nfsd_fs_attributes_depend',` type nfsd_fs_t; class filesystem getattr; ') ######################################## # # fs_mount_ram_fs(domain) # define(`fs_mount_ram_fs',` requires_block_template(`$0'_depend) allow $1 ramfs_t:filesystem mount; ') define(`fs_mount_ram_fs_depend',` type ramfs_t; class filesystem mount; ') ######################################## # # fs_remount_ram_fs(domain) # define(`fs_remount_ram_fs',` requires_block_template(`$0'_depend) allow $1 ramfs_t:filesystem remount; ') define(`fs_remount_ram_fs_depend',` type ramfs_t; class filesystem remount; ') ######################################## # # fs_unmount_ram_fs(domain) # define(`fs_unmount_ram_fs',` requires_block_template(`$0'_depend) allow $1 ramfs_t:filesystem mount; ') define(`fs_unmount_ram_fs_depend',` type ramfs_t; class filesystem unmount; ') ######################################## # # fs_get_ram_fs_attributes(domain) # define(`fs_get_ram_fs_attributes',` requires_block_template(`$0'_depend) allow $1 ramfs_t:filesystem getattr; ') define(`fs_get_ram_fs_attributes_depend',` type ramfs_t; class filesystem getattr; ') ######################################## # # fs_mount_rom_fs(domain) # define(`fs_mount_rom_fs',` requires_block_template(`$0'_depend) allow $1 romfs_t:filesystem mount; ') define(`fs_mount_rom_fs_depend',` type romfs_t; class filesystem mount; ') ######################################## # # fs_remount_rom_fs(domain) # define(`fs_remount_rom_fs',` requires_block_template(`$0'_depend) allow $1 romfs_t:filesystem remount; ') define(`fs_remount_rom_fs_depend',` type romfs_t; class filesystem remount; ') ######################################## # # fs_unmount_rom_fs(domain) # define(`fs_unmount_rom_fs',` requires_block_template(`$0'_depend) allow $1 romfs_t:filesystem mount; ') define(`fs_unmount_rom_fs_depend',` type romfs_t; class filesystem unmount; ') ######################################## # # fs_get_rom_fs_attributes(domain) # define(`fs_get_rom_fs_attributes',` requires_block_template(`$0'_depend) allow $1 romfs_t:filesystem getattr; ') define(`fs_get_rom_fs_attributes_depend',` type romfs_t; class filesystem getattr; ') ######################################## # # fs_mount_rpc_pipefs_fs(domain) # define(`fs_mount_rpc_pipefs_fs',` requires_block_template(`$0'_depend) allow $1 rpc_pipefs_t:filesystem mount; ') define(`fs_mount_rpc_pipefs_fs_depend',` type rpc_pipefs_t; class filesystem mount; ') ######################################## # # fs_remount_rpc_pipefs_fs(domain) # define(`fs_remount_rpc_pipefs_fs',` requires_block_template(`$0'_depend) allow $1 rpc_pipefs_t:filesystem remount; ') define(`fs_remount_rpc_pipefs_fs_depend',` type rpc_pipefs_t; class filesystem remount; ') ######################################## # # fs_unmount_rpc_pipefs_fs(domain) # define(`fs_unmount_rpc_pipefs_fs',` requires_block_template(`$0'_depend) allow $1 rpc_pipefs_t:filesystem mount; ') define(`fs_unmount_rpc_pipefs_fs_depend',` type rpc_pipefs_t; class filesystem unmount; ') ######################################## # # fs_get_rpc_pipefs_fs_attributes(domain) # define(`fs_get_rpc_pipefs_fs_attributes',` requires_block_template(`$0'_depend) allow $1 rpc_pipefs_t:filesystem getattr; ') define(`fs_get_rpc_pipefs_fs_attributes_depend',` type rpc_pipefs_t; class filesystem getattr; ') ######################################## # # fs_mount_tmpfs_fs(domain) # define(`fs_mount_tmpfs_fs',` requires_block_template(`$0'_depend) allow $1 tmpfs_t:filesystem mount; ') define(`fs_mount_tmpfs_fs_depend',` type tmpfs_t; class filesystem mount; ') ######################################## # # fs_remount_tmpfs_fs(domain) # define(`fs_remount_tmpfs_fs',` requires_block_template(`$0'_depend) allow $1 tmpfs_t:filesystem remount; ') define(`fs_remount_tmpfs_fs_depend',` type tmpfs_t; class filesystem remount; ') ######################################## # # fs_unmount_tmpfs_fs(domain) # define(`fs_unmount_tmpfs_fs',` requires_block_template(`$0'_depend) allow $1 tmpfs_t:filesystem mount; ') define(`fs_unmount_tmpfs_fs_depend',` type tmpfs_t; class filesystem unmount; ') ######################################## # # fs_get_tmpfs_fs_attributes(domain) # define(`fs_get_tmpfs_fs_attributes',` requires_block_template(`$0'_depend) allow $1 tmpfs_t:filesystem getattr; ') define(`fs_get_tmpfs_fs_attributes_depend',` type tmpfs_t; class filesystem getattr; ') ######################################## ## ## ## Allow the type to associate to tmpfs filesystems. ## ## ## The type of the object to be associated. ## ## ## # define(`fs_tmpfs_associate',` requires_block_template(`$0'_depend) allow $1 tmpfs_t:filesystem associate; ') define(`fs_tmpfs_associate_depend',` type tmpfs_t; class filesystem associate; ') ######################################## # # fs_create_private_tmpfs_data(domain,derivedtype,[class]) # define(`fs_create_private_tmpfs_data',` requires_block_template(`$0'_depend) allow $2 tmpfs_t:filesystem associate; allow $1 tmpfs_t:dir rw_dir_perms; ifelse(`$3',`',` type_transition $1 tmpfs_t:file $2; ',` type_transition $1 tmpfs_t:$3 $2; ') ') define(`fs_create_private_tmpfs_data_depend',` type tmpfs_t; class filesystem associate; class dir rw_dir_perms; ') ######################################## ## ## ## Read and write character nodes on tmpfs filesystems. ## ## ## The type of the process performing this action. ## ## ## # define(`fs_use_tmpfs_character_devices',` requires_block_template(`$0'_depend) allow $1 tmpfs_t:dir r_dir_perms; allow $1 tmpfs_t:chr_file rw_file_perms; ') define(`fs_use_tmpfs_character_devices_depend',` type tmpfs_t; class dir r_dir_perms; class chr_file rw_file_perms; ') ######################################## ## ## ## Relabel character nodes on tmpfs filesystems. ## ## ## The type of the process performing this action. ## ## ## # define(`fs_relabel_tmpfs_character_devices',` requires_block_template(`$0'_depend) allow $1 tmpfs_t:dir r_dir_perms; allow $1 tmpfs_t:chr_file { getattr relabelfrom relabelto }; ') define(`fs_relabel_tmpfs_character_devices_depend',` type tmpfs_t; class dir r_dir_perms; class chr_file { getattr relabelfrom relabelto }; ') ######################################## ## ## ## Read and write block nodes on tmpfs filesystems. ## ## ## The type of the process performing this action. ## ## ## # define(`fs_use_tmpfs_block_devices',` requires_block_template(`$0'_depend) allow $1 tmpfs_t:dir r_dir_perms; allow $1 tmpfs_t:blk_file rw_file_perms; ') define(`fs_use_tmpfs_block_devices_depend',` type tmpfs_t; class dir r_dir_perms; class blk_file rw_file_perms; ') ######################################## ## ## ## Relabel block nodes on tmpfs filesystems. ## ## ## The type of the process performing this action. ## ## ## # define(`fs_relabel_tmpfs_block_devices',` requires_block_template(`$0'_depend) allow $1 tmpfs_t:dir r_dir_perms; allow $1 tmpfs_t:blk_file { getattr relabelfrom relabelto }; ') define(`fs_use_tmpfs_block_devices_depend',` type tmpfs_t; class dir r_dir_perms; class blk_file { getattr relabelfrom relabelto }; ') ######################################## ## ## ## Read and write, create and delete character ## nodes on tmpfs filesystems. ## ## ## The type of the process performing this action. ## ## ## # define(`fs_manage_tmpfs_character_devices',` requires_block_template(`$0'_depend) allow $1 tmpfs_t:dir rw_dir_perms; allow $1 tmpfs_t:chr_file create_file_perms; ') define(`fs_manage_tmpfs_character_devices_depend',` type tmpfs_t; class dir rw_dir_perms; class chr_file create_file_perms; ') ######################################## ## ## ## Read and write, create and delete block nodes ## on tmpfs filesystems. ## ## ## The type of the process performing this action. ## ## ## # define(`fs_manage_tmpfs_block_devices',` requires_block_template(`$0'_depend) allow $1 tmpfs_t:dir rw_dir_perms; allow $1 tmpfs_t:blk_file create_file_perms; ') define(`fs_manage_tmpfs_block_devices_depend',` type tmpfs_t; class dir rw_dir_perms; class blk_file create_file_perms; ') ######################################## # # fs_mount_all_fs(type) # define(`fs_mount_all_fs',` requires_block_template(`$0'_depend) allow $1 fs_type:filesystem mount; ') define(`fs_mount_all_fs_depend',` attribute fs_type; class filesystem mount; ') ######################################## # # fs_remount_all_fs(type) # define(`fs_remount_all_fs',` requires_block_template(`$0'_depend) allow $1 fs_type:filesystem remount; ') define(`fs_remount_all_fs_depend',` attribute fs_type; class filesystem remount; ') ######################################## # # fs_unmount_all_fs(type) # define(`fs_unmount_all_fs',` requires_block_template(`$0'_depend) allow $1 fs_type:filesystem unmount; ') define(`fs_mount_all_fs_depend',` attribute fs_type; class filesystem unmount; ') ######################################## # # fs_get_all_fs_attributes(type) # define(`fs_get_all_fs_attributes',` requires_block_template(`$0'_depend) allow $1 fs_type:filesystem getattr; ') define(`fs_get_all_fs_attributes_depend',` attribute fs_type; class filesystem getattr; ') ######################################## # # fs_get_all_fs_quotas(type) # define(`fs_get_all_fs_quotas',` requires_block_template(`$0'_depend) allow $1 fs_type:filesystem quotaget; ') define(`fs_get_all_fs_quotas_depend',` attribute fs_type; class filesystem quotaget; ') ######################################## # # fs_set_all_fs_quotas(type) # define(`fs_set_all_fs_quotas',` requires_block_template(`$0'_depend) allow $1 fs_type:filesystem quotamod; ') define(`fs_set_all_fs_quotas_depend',` attribute fs_type; class filesystem quotamod; ') ######################################## # # fs_get_all_file_attributes(type) # define(`fs_get_all_file_attributes',` requires_block_template(`$0'_depend) allow $1 fs_type:dir { search getattr }; allow $1 fs_type:file getattr; allow $1 fs_type:lnk_file getattr; allow $1 fs_type:fifo_file getattr; allow $1 fs_type:sock_file getattr; ') define(`fs_get_all_file_attributes_depend',` attribute fs_type; class dir { search getattr }; class file getattr; class lnk_file getattr; class fifo_file getattr; class sock_file getattr; ') ##