## <summary>SELinux policy for Oident daemon.</summary> ## <desc> ## <p> ## Oident daemon is a server that implements the TCP/IP ## standard IDENT user identification protocol as ## specified in the RFC 1413 document. ## </p> ## </desc> ######################################## ## <summary> ## Allow the specified domain to read ## Oidentd personal configuration files. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`oident_read_user_content', ` gen_require(` type oidentd_home_t; ') allow $1 oidentd_home_t:file read_file_perms; userdom_search_user_home_dirs($1) ') ######################################## ## <summary> ## Allow the specified domain to create, read, write, and delete ## Oidentd personal configuration files. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`oident_manage_user_content', ` gen_require(` type oidentd_home_t; ') allow $1 oidentd_home_t:file manage_file_perms; userdom_search_user_home_dirs($1) ') ######################################## ## <summary> ## Allow the specified domain to relabel ## Oidentd personal configuration files. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`oident_relabel_user_content', ` gen_require(` type oidentd_home_t; ') allow $1 oidentd_home_t:file relabel_file_perms; userdom_search_user_home_dirs($1) ')