|
Dominick Grift |
74f1817 |
## <summary>Squid log analysis.</summary>
|
|
Dominick Grift |
74f1817 |
|
|
Dominick Grift |
74f1817 |
########################################
|
|
Dominick Grift |
74f1817 |
## <summary>
|
|
Dominick Grift |
74f1817 |
## Execute the calamaris in
|
|
Dominick Grift |
74f1817 |
## the calamaris domain.
|
|
Dominick Grift |
74f1817 |
## </summary>
|
|
Dominick Grift |
74f1817 |
## <param name="domain">
|
|
Dominick Grift |
74f1817 |
## <summary>
|
|
Dominick Grift |
74f1817 |
## Domain allowed to transition.
|
|
Dominick Grift |
74f1817 |
## </summary>
|
|
Dominick Grift |
74f1817 |
## </param>
|
|
Dominick Grift |
74f1817 |
#
|
|
Dominick Grift |
74f1817 |
interface(`calamaris_domtrans',`
|
|
Dominick Grift |
74f1817 |
gen_require(`
|
|
Dominick Grift |
74f1817 |
type calamaris_t, calamaris_exec_t;
|
|
Dominick Grift |
74f1817 |
')
|
|
Dominick Grift |
74f1817 |
|
|
Dominick Grift |
74f1817 |
files_search_etc($1)
|
|
Dominick Grift |
74f1817 |
domtrans_pattern($1, calamaris_exec_t, calamaris_t)
|
|
Dominick Grift |
74f1817 |
')
|
|
Dominick Grift |
74f1817 |
|
|
Dominick Grift |
74f1817 |
########################################
|
|
Dominick Grift |
74f1817 |
## <summary>
|
|
Dominick Grift |
74f1817 |
## Execute calamaris in the
|
|
Dominick Grift |
74f1817 |
## calamaris domain, and allow the
|
|
Dominick Grift |
74f1817 |
## specified role the calamaris domain.
|
|
Dominick Grift |
74f1817 |
## </summary>
|
|
Dominick Grift |
74f1817 |
## <param name="domain">
|
|
Dominick Grift |
74f1817 |
## <summary>
|
|
Dominick Grift |
74f1817 |
## Domain allowed to transition.
|
|
Dominick Grift |
74f1817 |
## </summary>
|
|
Dominick Grift |
74f1817 |
## </param>
|
|
Dominick Grift |
74f1817 |
## <param name="role">
|
|
Dominick Grift |
74f1817 |
## <summary>
|
|
Dominick Grift |
74f1817 |
## Role allowed access.
|
|
Dominick Grift |
74f1817 |
## </summary>
|
|
Dominick Grift |
74f1817 |
## </param>
|
|
Dominick Grift |
74f1817 |
#
|
|
Dominick Grift |
74f1817 |
interface(`calamaris_run',`
|
|
Dominick Grift |
74f1817 |
gen_require(`
|
|
Dominick Grift |
74f1817 |
attribute_role calamaris_roles;
|
|
Dominick Grift |
74f1817 |
')
|
|
Dominick Grift |
74f1817 |
|
|
Dominick Grift |
74f1817 |
lightsquid_domtrans($1)
|
|
Dominick Grift |
74f1817 |
roleattribute $2 calamaris_roles;
|
|
Dominick Grift |
74f1817 |
')
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
#######################################
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Dominick Grift |
74f1817 |
## Read calamaris www files.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## <param name="domain">
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Chris PeBenito |
9401ae1 |
## Domain allowed access.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## </param>
|
|
Chris PeBenito |
9401ae1 |
#
|
|
Chris PeBenito |
9401ae1 |
interface(`calamaris_read_www_files',`
|
|
Chris PeBenito |
9401ae1 |
gen_require(`
|
|
Chris PeBenito |
9401ae1 |
type calamaris_www_t;
|
|
Chris PeBenito |
9401ae1 |
')
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
allow $1 calamaris_www_t:dir list_dir_perms;
|
|
Chris PeBenito |
9401ae1 |
read_files_pattern($1, calamaris_www_t, calamaris_www_t)
|
|
Chris PeBenito |
9401ae1 |
read_lnk_files_pattern($1, calamaris_www_t, calamaris_www_t)
|
|
Chris PeBenito |
9401ae1 |
')
|
|
Dominick Grift |
74f1817 |
|
|
Dominick Grift |
74f1817 |
########################################
|
|
Dominick Grift |
74f1817 |
## <summary>
|
|
Dominick Grift |
74f1817 |
## All of the rules required to
|
|
Dominick Grift |
74f1817 |
## administrate an calamaris environment.
|
|
Dominick Grift |
74f1817 |
## </summary>
|
|
Dominick Grift |
74f1817 |
## <param name="domain">
|
|
Dominick Grift |
74f1817 |
## <summary>
|
|
Dominick Grift |
74f1817 |
## Domain allowed access.
|
|
Dominick Grift |
74f1817 |
## </summary>
|
|
Dominick Grift |
74f1817 |
## </param>
|
|
Dominick Grift |
74f1817 |
## <param name="role">
|
|
Dominick Grift |
74f1817 |
## <summary>
|
|
Dominick Grift |
74f1817 |
## Role allowed access.
|
|
Dominick Grift |
74f1817 |
## </summary>
|
|
Dominick Grift |
74f1817 |
## </param>
|
|
Dominick Grift |
74f1817 |
## <rolecap/>
|
|
Dominick Grift |
74f1817 |
#
|
|
Dominick Grift |
74f1817 |
interface(`calamaris_admin',`
|
|
Dominick Grift |
74f1817 |
gen_require(`
|
|
Dominick Grift |
74f1817 |
type calamaris_t, calamaris_log_t, calamaris_www_t;
|
|
Dominick Grift |
74f1817 |
')
|
|
Dominick Grift |
74f1817 |
|
|
Dominick Grift |
74f1817 |
allow $1 calamaris_t:process { ptrace signal_perms };
|
|
Dominick Grift |
74f1817 |
ps_process_pattern($1, calamaris_t)
|
|
Dominick Grift |
74f1817 |
|
|
Dominick Grift |
74f1817 |
calamaris_run($1, $2)
|
|
Dominick Grift |
74f1817 |
|
|
Dominick Grift |
74f1817 |
logging_list_logs($1)
|
|
Dominick Grift |
74f1817 |
admin_pattern($1, calamaris_log_t)
|
|
Dominick Grift |
74f1817 |
|
|
Dominick Grift |
74f1817 |
apache_list_sys_content($1)
|
|
Dominick Grift |
74f1817 |
admin_pattern($1, calamaris_www_t)
|
|
Dominick Grift |
74f1817 |
')
|