# Copyright (C) 2005 Tresys Technology, LLC ####################################### # # iptables_transition(domain) # define(`iptables_transition',` requires_block_template(iptables_transition_depend) allow $1 iptables_exec_t:file { getattr read execute }; allow $1 iptables_t:process transition; type_transition $1 iptables_exec_t:file iptables_t; dontaudit $1 iptables_t:process { noatsecure siginh rlimitinh }; ') define(`iptables_transition_depend',` type iptables_t, iptables_exec_t; class file { getattr read execute }; class process { transition noatsecure siginh rlimitinh }; ') ####################################### # # iptables_execute(domain) # define(`iptables_execute',` requires_block_template(iptables_execute_depend) allow $1 iptables_exec_t:file { getattr read execute execute_no_trans }; ') define(`iptables_execute_depend',` type iptables_t, iptables_exec_t; class file { getattr read execute execute_no_trans }; ')