|
 |
1ec3d1a |
policy_module(jockey, 1.0.0)
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
# Declarations
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
type jockey_t;
|
|
|
1ec3d1a |
type jockey_exec_t;
|
|
|
1ec3d1a |
init_daemon_domain(jockey_t, jockey_exec_t)
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
type jockey_cache_t;
|
|
|
1ec3d1a |
files_type(jockey_cache_t)
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
type jockey_var_log_t;
|
|
|
1ec3d1a |
logging_log_file(jockey_var_log_t)
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
#
|
|
Dominick Grift |
9a4bab4 |
# Local policy
|
|
Dominick Grift |
9a4bab4 |
#
|
|
Dominick Grift |
9a4bab4 |
|
|
|
1ec3d1a |
allow jockey_t self:fifo_file rw_fifo_file_perms;
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
manage_dirs_pattern(jockey_t, jockey_cache_t, jockey_cache_t)
|
|
|
1ec3d1a |
manage_files_pattern(jockey_t, jockey_cache_t, jockey_cache_t)
|
|
|
1ec3d1a |
manage_lnk_files_pattern(jockey_t, jockey_cache_t, jockey_cache_t)
|
|
|
1ec3d1a |
files_var_filetrans(jockey_t, jockey_cache_t, { dir file })
|
|
|
1ec3d1a |
|
|
Dominick Grift |
9a4bab4 |
manage_dirs_pattern(jockey_t, jockey_var_log_t, jockey_var_log_t)
|
|
Dominick Grift |
9a4bab4 |
append_files_pattern(jockey_t, jockey_var_log_t, jockey_var_log_t)
|
|
Dominick Grift |
9a4bab4 |
create_files_pattern(jockey_t, jockey_var_log_t, jockey_var_log_t)
|
|
Dominick Grift |
9a4bab4 |
setattr_files_pattern(jockey_t, jockey_var_log_t, jockey_var_log_t)
|
|
|
1ec3d1a |
logging_log_filetrans(jockey_t, jockey_var_log_t, { file dir })
|
|
|
1ec3d1a |
|
|
|
65c9f56 |
kernel_read_system_state(jockey_t)
|
|
|
65c9f56 |
|
|
|
ee73679 |
corecmd_exec_bin(jockey_t)
|
|
|
49895b9 |
corecmd_exec_shell(jockey_t)
|
|
|
49895b9 |
|
|
|
49895b9 |
dev_read_rand(jockey_t)
|
|
Dominick Grift |
9a4bab4 |
dev_read_sysfs(jockey_t)
|
|
Dominick Grift |
9a4bab4 |
dev_read_urand(jockey_t)
|
|
|
ee73679 |
|
|
|
1ec3d1a |
domain_use_interactive_fds(jockey_t)
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
|
|
|
b154acf |
auth_read_passwd(jockey_t)
|
|
|
b154acf |
|
|
|
49895b9 |
optional_policy(`
|
|
|
07b7aba |
dbus_system_domain(jockey_t, jockey_exec_t)
|
|
|
07b7aba |
')
|
|
|
07b7aba |
|
|
|
07b7aba |
optional_policy(`
|
|
|
a9e4e68 |
gnome_dontaudit_search_config(jockey_t)
|
|
|
a9e4e68 |
')
|
|
|
a9e4e68 |
|
|
|
a9e4e68 |
optional_policy(`
|
|
|
49895b9 |
modutils_domtrans_insmod(jockey_t)
|
|
|
49895b9 |
modutils_read_module_config(jockey_t)
|
|
|
3defb77 |
modutils_list_module_config(jockey_t)
|
|
|
49895b9 |
')
|