psss / rpms / selinux-policy

Forked from rpms/selinux-policy 5 years ago
Clone
Source Code
GIT

Blame calamaris.if

f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f7 f8 f9 master master-docker master_contrib private-master-atomic-policy private-master-migrate-to-var-lib-selinux requires tests
  1.   master_contrib
  2.   calamaris.if
Blob History Raw
Dominick Grift 74f1817 
## <summary>Squid log analysis.</summary>
Dominick Grift 74f1817
Dominick Grift 74f1817 
########################################
Dominick Grift 74f1817 
## <summary>
Dominick Grift 74f1817 
##	Execute the calamaris in
Dominick Grift 74f1817 
##	the calamaris domain.
Dominick Grift 74f1817 
## </summary>
Dominick Grift 74f1817 
## <param name="domain">
Dominick Grift 74f1817 
##	<summary>
Dominick Grift 74f1817 
##	Domain allowed to transition.
Dominick Grift 74f1817 
##	</summary>
Dominick Grift 74f1817 
## </param>
Dominick Grift 74f1817 
#
Dominick Grift 74f1817 
interface(`calamaris_domtrans',`
Dominick Grift 74f1817 
	gen_require(`
Dominick Grift 74f1817 
		type calamaris_t, calamaris_exec_t;
Dominick Grift 74f1817 
	')
Dominick Grift 74f1817
Dominick Grift 74f1817 
	files_search_etc($1)
Dominick Grift 74f1817 
	domtrans_pattern($1, calamaris_exec_t, calamaris_t)
Dominick Grift 74f1817 
')
Dominick Grift 74f1817
Dominick Grift 74f1817 
########################################
Dominick Grift 74f1817 
## <summary>
Dominick Grift 74f1817 
##	Execute calamaris in the
Dominick Grift 74f1817 
##	calamaris domain, and allow the
Dominick Grift 74f1817 
##	specified role the calamaris domain.
Dominick Grift 74f1817 
## </summary>
Dominick Grift 74f1817 
## <param name="domain">
Dominick Grift 74f1817 
##	<summary>
Dominick Grift 74f1817 
##	Domain allowed to transition.
Dominick Grift 74f1817 
##	</summary>
Dominick Grift 74f1817 
## </param>
Dominick Grift 74f1817 
## <param name="role">
Dominick Grift 74f1817 
##	<summary>
Dominick Grift 74f1817 
##	Role allowed access.
Dominick Grift 74f1817 
##	</summary>
Dominick Grift 74f1817 
## </param>
Dominick Grift 74f1817 
#
Dominick Grift 74f1817 
interface(`calamaris_run',`
Dominick Grift 74f1817 
	gen_require(`
Dominick Grift 74f1817 
		attribute_role calamaris_roles;
Dominick Grift 74f1817 
	')
Dominick Grift 74f1817
Dominick Grift 74f1817 
	lightsquid_domtrans($1)
Dominick Grift 74f1817 
	roleattribute $2 calamaris_roles;
Dominick Grift 74f1817 
')
Chris PeBenito 9401ae1
Chris PeBenito 9401ae1 
#######################################
Chris PeBenito 9401ae1 
## <summary>
Dominick Grift 74f1817 
##	Read calamaris www files.
Chris PeBenito 9401ae1 
## </summary>
Chris PeBenito 9401ae1 
## <param name="domain">
Chris PeBenito 9401ae1 
##	<summary>
Chris PeBenito 9401ae1 
##	Domain allowed access.
Chris PeBenito 9401ae1 
##	</summary>
Chris PeBenito 9401ae1 
## </param>
Chris PeBenito 9401ae1 
#
Chris PeBenito 9401ae1 
interface(`calamaris_read_www_files',`
Chris PeBenito 9401ae1 
	gen_require(`
Chris PeBenito 9401ae1 
		type calamaris_www_t;
Chris PeBenito 9401ae1 
	')
Chris PeBenito 9401ae1
Chris PeBenito 9401ae1 
	allow $1 calamaris_www_t:dir list_dir_perms;
Chris PeBenito 9401ae1 
	read_files_pattern($1, calamaris_www_t, calamaris_www_t)
Chris PeBenito 9401ae1 
	read_lnk_files_pattern($1, calamaris_www_t, calamaris_www_t)
Chris PeBenito 9401ae1 
')
Dominick Grift 74f1817
Dominick Grift 74f1817 
########################################
Dominick Grift 74f1817 
## <summary>
Dominick Grift 74f1817 
##	All of the rules required to
Dominick Grift 74f1817 
##	administrate an calamaris environment.
Dominick Grift 74f1817 
## </summary>
Dominick Grift 74f1817 
## <param name="domain">
Dominick Grift 74f1817 
##	<summary>
Dominick Grift 74f1817 
##	Domain allowed access.
Dominick Grift 74f1817 
##	</summary>
Dominick Grift 74f1817 
## </param>
Dominick Grift 74f1817 
## <param name="role">
Dominick Grift 74f1817 
##	<summary>
Dominick Grift 74f1817 
##	Role allowed access.
Dominick Grift 74f1817 
##	</summary>
Dominick Grift 74f1817 
## </param>
Dominick Grift 74f1817 
## <rolecap/>
Dominick Grift 74f1817 
#
Dominick Grift 74f1817 
interface(`calamaris_admin',`
Dominick Grift 74f1817 
	gen_require(`
Dominick Grift 74f1817 
		type calamaris_t, calamaris_log_t, calamaris_www_t;
Dominick Grift 74f1817 
	')
Dominick Grift 74f1817
Dominick Grift 74f1817 
	allow $1 calamaris_t:process { ptrace signal_perms };
Dominick Grift 74f1817 
	ps_process_pattern($1, calamaris_t)
Dominick Grift 74f1817
Dominick Grift 74f1817 
	calamaris_run($1, $2)
Dominick Grift 74f1817
Dominick Grift 74f1817 
	logging_list_logs($1)
Dominick Grift 74f1817 
	admin_pattern($1, calamaris_log_t)
Dominick Grift 74f1817
Dominick Grift 74f1817 
	apache_list_sys_content($1)
Dominick Grift 74f1817 
	admin_pattern($1, calamaris_www_t)
Dominick Grift 74f1817 
')
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.