## Internet services daemon. ######################################## ## ## Define the specified domain as a inetd service. ## ## ##

## Define the specified domain as a inetd service. The ## inetd_service_domain(), inetd_tcp_service_domain(), ## or inetd_udp_service_domain() interfaces should be used ## instead of this interface, as this interface only provides ## the common rules to these three interfaces. ##

##
## ## ## The type associated with the inetd service process. ## ## ## ## ## The type associated with the process program. ## ## # interface(`inetd_core_service_domain',` gen_require(` type inetd_t; role system_r; ') domain_type($1) domain_entry_file($1, $2) role system_r types $1; domtrans_pattern(inetd_t, $2, $1) allow inetd_t $1:process { siginh sigkill }; ') ######################################## ## ## Define the specified domain as a TCP inetd service. ## ## ## ## The type associated with the inetd service process. ## ## ## ## ## The type associated with the process program. ## ## # interface(`inetd_tcp_service_domain',` gen_require(` type inetd_t; ') inetd_core_service_domain($1, $2) allow $1 inetd_t:tcp_socket rw_stream_socket_perms; ') ######################################## ## ## Define the specified domain as a UDP inetd service. ## ## ## ## The type associated with the inetd service process. ## ## ## ## ## The type associated with the process program. ## ## # interface(`inetd_udp_service_domain',` gen_require(` type inetd_t; ') inetd_core_service_domain($1, $2) allow $1 inetd_t:udp_socket rw_socket_perms; ') ######################################## ## ## Define the specified domain as a TCP and UDP inetd service. ## ## ## ## The type associated with the inetd service process. ## ## ## ## ## The type associated with the process program. ## ## # interface(`inetd_service_domain',` gen_require(` type inetd_t; ') inetd_core_service_domain($1, $2) allow $1 inetd_t:tcp_socket rw_stream_socket_perms; allow $1 inetd_t:udp_socket rw_socket_perms; # encrypt the service through stunnel optional_policy(` stunnel_service_domain($1, $2) ') ') ######################################## ## ## Inherit and use file descriptors from inetd. ## ## ## ## Domain allowed access. ## ## # interface(`inetd_use_fds',` gen_require(` type inetd_t; ') allow $1 inetd_t:fd use; ') ######################################## ## ## Connect to the inetd service using a TCP connection. (Deprecated) ## ## ## ## Domain allowed access. ## ## # interface(`inetd_tcp_connect',` refpolicywarn(`$0($*) has been deprecated.') ') ######################################## ## ## Run inetd child process in the inet child domain ## ## ## ## Domain allowed access. ## ## # interface(`inetd_domtrans_child',` gen_require(` type inetd_child_t, inetd_child_exec_t; ') corecmd_search_bin($1) domtrans_pattern($1, inetd_child_exec_t, inetd_child_t) ') ######################################## ## ## Send UDP network traffic to inetd. (Deprecated) ## ## ## ## Domain allowed access. ## ## # interface(`inetd_udp_send',` refpolicywarn(`$0($*) has been deprecated.') ') ######################################## ## ## Read and write inetd TCP sockets. ## ## ## ## Domain allowed access. ## ## # interface(`inetd_rw_tcp_sockets',` gen_require(` type inetd_t; ') allow $1 inetd_t:tcp_socket rw_stream_socket_perms; ')