selinux-policy/targeted/file_contexts/program/daemontools.fc
2005-10-21 18:05:21 +00:00

55 lines
2.1 KiB
Plaintext

# daemontools
/var/service/.* system_u:object_r:svc_svc_t
# symlinks to /var/service/*
/service(/.*)? system_u:object_r:svc_svc_t
# supervise scripts
/usr/bin/svc-add -- system_u:object_r:svc_script_exec_t
/usr/bin/svc-isdown -- system_u:object_r:svc_script_exec_t
/usr/bin/svc-isup -- system_u:object_r:svc_script_exec_t
/usr/bin/svc-remove -- system_u:object_r:svc_script_exec_t
/usr/bin/svc-start -- system_u:object_r:svc_script_exec_t
/usr/bin/svc-status -- system_u:object_r:svc_script_exec_t
/usr/bin/svc-stop -- system_u:object_r:svc_script_exec_t
/usr/bin/svc-waitdown -- system_u:object_r:svc_script_exec_t
/usr/bin/svc-waitup -- system_u:object_r:svc_script_exec_t
# supervise init binaries
# these programs read/write to /service/*/supervise/* and /service/*/log/supervise/*
/usr/bin/svc -- system_u:object_r:svc_start_exec_t
/usr/bin/svscan -- system_u:object_r:svc_start_exec_t
/usr/bin/svscanboot -- system_u:object_r:svc_start_exec_t
/usr/bin/svok -- system_u:object_r:svc_start_exec_t
/usr/bin/supervise -- system_u:object_r:svc_start_exec_t
# starting scripts
/var/service/.*/run.* system_u:object_r:svc_run_exec_t
/var/service/.*/log/run system_u:object_r:svc_run_exec_t
# configurations
/var/service/.*/env(/.*)? system_u:object_r:svc_conf_t
# log
/var/service/.*/log/main(/.*)? system_u:object_r:svc_log_t
# programs that impose a given environment to daemons
/usr/bin/softlimit -- system_u:object_r:svc_run_exec_t
/usr/bin/setuidgid -- system_u:object_r:svc_run_exec_t
/usr/bin/envuidgid -- system_u:object_r:svc_run_exec_t
/usr/bin/envdir -- system_u:object_r:svc_run_exec_t
/usr/bin/setlock -- system_u:object_r:svc_run_exec_t
# helper programs
/usr/bin/fghack -- system_u:object_r:svc_run_exec_t
/usr/bin/pgrphack -- system_u:object_r:svc_run_exec_t
/var/run/svscan\.pid -- system_u:object_r:initrc_var_run_t
# daemontools logger # writes to service/*/log/main/ and /var/log/*/
/usr/bin/multilog -- system_u:object_r:svc_multilog_exec_t
/sbin/svcinit -- system_u:object_r:initrc_exec_t
/sbin/runsvcscript\.sh -- system_u:object_r:initrc_exec_t