rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
fad6e761bf
selinux-policy/policy/modules/admin/brctl.te

46 lines
952 B
Plaintext
Raw Blame History

policy_module(brctl, 1.4.0)
########################################
#
# Declarations
#
type brctl_t;
type brctl_exec_t;
domain_type(brctl_t)
init_system_domain(brctl_t, brctl_exec_t)
########################################
#
# brctl local policy
#
allow brctl_t self:capability net_admin;
allow brctl_t self:fifo_file rw_file_perms;
allow brctl_t self:unix_stream_socket create_stream_socket_perms;
allow brctl_t self:unix_dgram_socket create_socket_perms;
allow brctl_t self:tcp_socket create_socket_perms;
kernel_load_module(brctl_t)
kernel_read_network_state(brctl_t)
kernel_read_sysctl(brctl_t)
corenet_rw_tun_tap_dev(brctl_t)
dev_rw_sysfs(brctl_t)
dev_write_sysfs_dirs(brctl_t)
# Init script handling
domain_use_interactive_fds(brctl_t)
files_read_etc_files(brctl_t)
term_dontaudit_use_console(brctl_t)
miscfiles_read_localization(brctl_t)
optional_policy(`
xen_append_log(brctl_t)
xen_dontaudit_rw_unix_stream_sockets(brctl_t)
')
Reference in New Issue View Git Blame Copy Permalink