|
Dominick Grift |
4b52f16 |
policy_module(ada, 1.4.1)
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
########################################
|
|
Chris PeBenito |
9401ae1 |
#
|
|
Chris PeBenito |
9401ae1 |
# Declarations
|
|
Chris PeBenito |
9401ae1 |
#
|
|
Chris PeBenito |
9401ae1 |
|
|
Dominick Grift |
4b52f16 |
attribute_role ada_roles;
|
|
Dominick Grift |
4b52f16 |
roleattribute system_r ada_roles;
|
|
Dominick Grift |
4b52f16 |
|
|
Chris PeBenito |
9401ae1 |
type ada_t;
|
|
Chris PeBenito |
9401ae1 |
type ada_exec_t;
|
|
Chris PeBenito |
9401ae1 |
application_domain(ada_t, ada_exec_t)
|
|
Dominick Grift |
4b52f16 |
role ada_roles types ada_t;
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
########################################
|
|
Chris PeBenito |
9401ae1 |
#
|
|
Chris PeBenito |
9401ae1 |
# Local policy
|
|
Chris PeBenito |
9401ae1 |
#
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
allow ada_t self:process { execstack execmem };
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
userdom_use_user_terminals(ada_t)
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
optional_policy(`
|
|
Chris PeBenito |
9401ae1 |
unconfined_domain(ada_t)
|
|
Chris PeBenito |
9401ae1 |
')
|