psss / rpms / selinux-policy

Forked from rpms/selinux-policy 5 years ago
Clone
Source Code
GIT

Blame bacula.if

f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f7 f8 f9 master master-docker master_contrib private-master-atomic-policy private-master-migrate-to-var-lib-selinux requires tests
  1.   master_contrib
  2.   bacula.if
Blob History Raw
Dominick Grift 2c494a4 
## <summary>Cross platform network backup.</summary>
Sven Vermeulen 989b027
Sven Vermeulen 989b027 
########################################
Sven Vermeulen 989b027 
## <summary>
Dominick Grift 2c494a4 
##	Execute bacula admin bacula
Dominick Grift 2c494a4 
##	admin domain.
Sven Vermeulen 989b027 
## </summary>
Sven Vermeulen 989b027 
## <param name="domain">
Sven Vermeulen 989b027 
##	<summary>
Sven Vermeulen 989b027 
##	Domain allowed to transition.
Sven Vermeulen 989b027 
##	</summary>
Sven Vermeulen 989b027 
## </param>
Sven Vermeulen 989b027 
#
Sven Vermeulen 989b027 
interface(`bacula_domtrans_admin',`
Sven Vermeulen 989b027 
	gen_require(`
Sven Vermeulen 989b027 
		type bacula_admin_t, bacula_admin_exec_t;
Sven Vermeulen 989b027 
	')
Sven Vermeulen 989b027
Dominick Grift 2c494a4 
	corecmd_search_bin($1)
Sven Vermeulen 989b027 
	domtrans_pattern($1, bacula_admin_exec_t, bacula_admin_t)
Sven Vermeulen 989b027 
')
Sven Vermeulen 989b027
Sven Vermeulen 989b027 
########################################
Sven Vermeulen 989b027 
## <summary>
Dominick Grift 2c494a4 
##	Execute user interfaces in the
Dominick Grift 2c494a4 
##	bacula admin domain, and allow the
Dominick Grift 2c494a4 
##	specified role the bacula admin domain.
Sven Vermeulen 989b027 
## </summary>
Sven Vermeulen 989b027 
## <param name="domain">
Sven Vermeulen 989b027 
##	<summary>
Sven Vermeulen 989b027 
##	Domain allowed to transition.
Sven Vermeulen 989b027 
##	</summary>
Sven Vermeulen 989b027 
## </param>
Sven Vermeulen 989b027 
## <param name="role">
Sven Vermeulen 989b027 
##	<summary>
Sven Vermeulen 989b027 
##	Role allowed access.
Sven Vermeulen 989b027 
##	</summary>
Sven Vermeulen 989b027 
## </param>
Sven Vermeulen 989b027 
## <rolecap/>
Sven Vermeulen 989b027 
#
Sven Vermeulen 989b027 
interface(`bacula_run_admin',`
Sven Vermeulen 989b027 
	gen_require(`
Dominick Grift 2c494a4 
		attribute_role bacula_admin_roles;
Sven Vermeulen 989b027 
	')
Sven Vermeulen 989b027
Sven Vermeulen 989b027 
	bacula_domtrans_admin($1)
Dominick Grift 2c494a4 
	roleattribute $2 bacula_admin_roles;
Dominick Grift 2c494a4 
')
Dominick Grift 2c494a4
Dominick Grift 2c494a4 
########################################
Dominick Grift 2c494a4 
## <summary>
Dominick Grift 2c494a4 
##	All of the rules required to
Dominick Grift 2c494a4 
##	administrate an bacula environment.
Dominick Grift 2c494a4 
## </summary>
Dominick Grift 2c494a4 
## <param name="domain">
Dominick Grift 2c494a4 
##	<summary>
Dominick Grift 2c494a4 
##	Domain allowed access.
Dominick Grift 2c494a4 
##	</summary>
Dominick Grift 2c494a4 
## </param>
Dominick Grift 2c494a4 
## <param name="role">
Dominick Grift 2c494a4 
##	<summary>
Dominick Grift 2c494a4 
##	Role allowed access.
Dominick Grift 2c494a4 
##	</summary>
Dominick Grift 2c494a4 
## </param>
Dominick Grift 2c494a4 
## <rolecap/>
Dominick Grift 2c494a4 
#
Dominick Grift 2c494a4 
interface(`bacula_admin',`
Dominick Grift 2c494a4 
	gen_require(`
Dominick Grift 2c494a4 
		type bacula_t, bacula_etc_t, bacula_log_t;
Dominick Grift 2c494a4 
		type bacula_spool_t, bacula_var_lib_t;
Dominick Grift 2c494a4 
		type bacula_var_run_t, bacula_initrc_exec_t;
Dominick Grift 2c494a4 
	')
Dominick Grift 2c494a4
Dominick Grift 2c494a4 
	allow $1 bacula_t:process { ptrace signal_perms };
Dominick Grift 2c494a4 
	ps_process_pattern($1, bacula_t)
Dominick Grift 2c494a4
Dominick Grift 2c494a4 
	init_labeled_script_domtrans($1, bacula_initrc_exec_t)
Dominick Grift 2c494a4 
	domain_system_change_exemption($1)
Dominick Grift 2c494a4 
	role_transition $2 bacula_initrc_exec_t system_r;
Dominick Grift 2c494a4 
	allow $2 system_r;
Dominick Grift 2c494a4
Dominick Grift 2c494a4 
	files_search_etc($1)
Dominick Grift 2c494a4 
	admin_pattern($1, bacula_etc_t)
Dominick Grift 2c494a4
Dominick Grift 2c494a4 
	logging_search_logs($1)
Dominick Grift 2c494a4 
	admin_pattern($1, bacula_log_t)
Dominick Grift 2c494a4
Dominick Grift 2c494a4 
	files_search_var($1)
Dominick Grift 2c494a4 
	admin_pattern($1, bacula_spool_t)
Dominick Grift 2c494a4
Dominick Grift 2c494a4 
	files_search_var_lib($1)
Dominick Grift 2c494a4 
	admin_pattern($1, bacula_var_lib_t)
Dominick Grift 2c494a4
Dominick Grift 2c494a4 
	files_search_pids($1)
Dominick Grift 2c494a4 
	admin_pattern($1, bacula_var_run_t)
Dominick Grift 2c494a4
Dominick Grift 2c494a4 
	bacula_run_admin($1, $2)
Sven Vermeulen 989b027 
')
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.