|
Dominick Grift |
2c494a4 |
## <summary>Cross platform network backup.</summary>
|
|
Sven Vermeulen |
989b027 |
|
|
Sven Vermeulen |
989b027 |
########################################
|
|
Sven Vermeulen |
989b027 |
## <summary>
|
|
Dominick Grift |
2c494a4 |
## Execute bacula admin bacula
|
|
Dominick Grift |
2c494a4 |
## admin domain.
|
|
Sven Vermeulen |
989b027 |
## </summary>
|
|
Sven Vermeulen |
989b027 |
## <param name="domain">
|
|
Sven Vermeulen |
989b027 |
## <summary>
|
|
Sven Vermeulen |
989b027 |
## Domain allowed to transition.
|
|
Sven Vermeulen |
989b027 |
## </summary>
|
|
Sven Vermeulen |
989b027 |
## </param>
|
|
Sven Vermeulen |
989b027 |
#
|
|
Sven Vermeulen |
989b027 |
interface(`bacula_domtrans_admin',`
|
|
Sven Vermeulen |
989b027 |
gen_require(`
|
|
Sven Vermeulen |
989b027 |
type bacula_admin_t, bacula_admin_exec_t;
|
|
Sven Vermeulen |
989b027 |
')
|
|
Sven Vermeulen |
989b027 |
|
|
Dominick Grift |
2c494a4 |
corecmd_search_bin($1)
|
|
Sven Vermeulen |
989b027 |
domtrans_pattern($1, bacula_admin_exec_t, bacula_admin_t)
|
|
Sven Vermeulen |
989b027 |
')
|
|
Sven Vermeulen |
989b027 |
|
|
Sven Vermeulen |
989b027 |
########################################
|
|
Sven Vermeulen |
989b027 |
## <summary>
|
|
Dominick Grift |
2c494a4 |
## Execute user interfaces in the
|
|
Dominick Grift |
2c494a4 |
## bacula admin domain, and allow the
|
|
Dominick Grift |
2c494a4 |
## specified role the bacula admin domain.
|
|
Sven Vermeulen |
989b027 |
## </summary>
|
|
Sven Vermeulen |
989b027 |
## <param name="domain">
|
|
Sven Vermeulen |
989b027 |
## <summary>
|
|
Sven Vermeulen |
989b027 |
## Domain allowed to transition.
|
|
Sven Vermeulen |
989b027 |
## </summary>
|
|
Sven Vermeulen |
989b027 |
## </param>
|
|
Sven Vermeulen |
989b027 |
## <param name="role">
|
|
Sven Vermeulen |
989b027 |
## <summary>
|
|
Sven Vermeulen |
989b027 |
## Role allowed access.
|
|
Sven Vermeulen |
989b027 |
## </summary>
|
|
Sven Vermeulen |
989b027 |
## </param>
|
|
Sven Vermeulen |
989b027 |
## <rolecap/>
|
|
Sven Vermeulen |
989b027 |
#
|
|
Sven Vermeulen |
989b027 |
interface(`bacula_run_admin',`
|
|
Sven Vermeulen |
989b027 |
gen_require(`
|
|
Dominick Grift |
2c494a4 |
attribute_role bacula_admin_roles;
|
|
Sven Vermeulen |
989b027 |
')
|
|
Sven Vermeulen |
989b027 |
|
|
Sven Vermeulen |
989b027 |
bacula_domtrans_admin($1)
|
|
Dominick Grift |
2c494a4 |
roleattribute $2 bacula_admin_roles;
|
|
Dominick Grift |
2c494a4 |
')
|
|
Dominick Grift |
2c494a4 |
|
|
Dominick Grift |
2c494a4 |
########################################
|
|
Dominick Grift |
2c494a4 |
## <summary>
|
|
Dominick Grift |
2c494a4 |
## All of the rules required to
|
|
Dominick Grift |
2c494a4 |
## administrate an bacula environment.
|
|
Dominick Grift |
2c494a4 |
## </summary>
|
|
Dominick Grift |
2c494a4 |
## <param name="domain">
|
|
Dominick Grift |
2c494a4 |
## <summary>
|
|
Dominick Grift |
2c494a4 |
## Domain allowed access.
|
|
Dominick Grift |
2c494a4 |
## </summary>
|
|
Dominick Grift |
2c494a4 |
## </param>
|
|
Dominick Grift |
2c494a4 |
## <param name="role">
|
|
Dominick Grift |
2c494a4 |
## <summary>
|
|
Dominick Grift |
2c494a4 |
## Role allowed access.
|
|
Dominick Grift |
2c494a4 |
## </summary>
|
|
Dominick Grift |
2c494a4 |
## </param>
|
|
Dominick Grift |
2c494a4 |
## <rolecap/>
|
|
Dominick Grift |
2c494a4 |
#
|
|
Dominick Grift |
2c494a4 |
interface(`bacula_admin',`
|
|
Dominick Grift |
2c494a4 |
gen_require(`
|
|
Dominick Grift |
2c494a4 |
type bacula_t, bacula_etc_t, bacula_log_t;
|
|
Dominick Grift |
2c494a4 |
type bacula_spool_t, bacula_var_lib_t;
|
|
Dominick Grift |
2c494a4 |
type bacula_var_run_t, bacula_initrc_exec_t;
|
|
Dominick Grift |
2c494a4 |
')
|
|
Dominick Grift |
2c494a4 |
|
|
Dominick Grift |
2c494a4 |
allow $1 bacula_t:process { ptrace signal_perms };
|
|
Dominick Grift |
2c494a4 |
ps_process_pattern($1, bacula_t)
|
|
Dominick Grift |
2c494a4 |
|
|
Dominick Grift |
2c494a4 |
init_labeled_script_domtrans($1, bacula_initrc_exec_t)
|
|
Dominick Grift |
2c494a4 |
domain_system_change_exemption($1)
|
|
Dominick Grift |
2c494a4 |
role_transition $2 bacula_initrc_exec_t system_r;
|
|
Dominick Grift |
2c494a4 |
allow $2 system_r;
|
|
Dominick Grift |
2c494a4 |
|
|
Dominick Grift |
2c494a4 |
files_search_etc($1)
|
|
Dominick Grift |
2c494a4 |
admin_pattern($1, bacula_etc_t)
|
|
Dominick Grift |
2c494a4 |
|
|
Dominick Grift |
2c494a4 |
logging_search_logs($1)
|
|
Dominick Grift |
2c494a4 |
admin_pattern($1, bacula_log_t)
|
|
Dominick Grift |
2c494a4 |
|
|
Dominick Grift |
2c494a4 |
files_search_var($1)
|
|
Dominick Grift |
2c494a4 |
admin_pattern($1, bacula_spool_t)
|
|
Dominick Grift |
2c494a4 |
|
|
Dominick Grift |
2c494a4 |
files_search_var_lib($1)
|
|
Dominick Grift |
2c494a4 |
admin_pattern($1, bacula_var_lib_t)
|
|
Dominick Grift |
2c494a4 |
|
|
Dominick Grift |
2c494a4 |
files_search_pids($1)
|
|
Dominick Grift |
2c494a4 |
admin_pattern($1, bacula_var_run_t)
|
|
Dominick Grift |
2c494a4 |
|
|
Dominick Grift |
2c494a4 |
bacula_run_admin($1, $2)
|
|
Sven Vermeulen |
989b027 |
')
|