psss / rpms / selinux-policy

Forked from rpms/selinux-policy 5 years ago
Clone
Source Code
GIT

Blame lightsquid.if

f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f7 f8 f9 master master-docker master_contrib private-master-atomic-policy private-master-migrate-to-var-lib-selinux requires tests
  1.   master_contrib
  2.   lightsquid.if
Blob History Raw
Dominick Grift 8d4335e 
## <summary>Log analyzer for squid proxy.</summary>
Dominick Grift 8d4335e
Dominick Grift 8d4335e 
########################################
Dominick Grift 8d4335e 
## <summary>
Dominick Grift 8d4335e 
##	Execute the lightsquid program in
Dominick Grift 8d4335e 
##	the lightsquid domain.
Dominick Grift 8d4335e 
## </summary>
Dominick Grift 8d4335e 
## <param name="domain">
Dominick Grift 8d4335e 
##	<summary>
Dominick Grift 8d4335e 
##	Domain allowed to transition.
Dominick Grift 8d4335e 
##	</summary>
Dominick Grift 8d4335e 
## </param>
Dominick Grift 8d4335e 
#
Dominick Grift 8d4335e 
interface(`lightsquid_domtrans',`
Dominick Grift 8d4335e 
	gen_require(`
Dominick Grift 8d4335e 
		type lightsquid_t, lightsquid_exec_t;
Dominick Grift 8d4335e 
	')
Dominick Grift 8d4335e
Dominick Grift 8d4335e 
	corecmd_search_bin($1)
Dominick Grift 8d4335e 
	domtrans_pattern($1, lightsquid_exec_t, lightsquid_t)
Dominick Grift 8d4335e 
')
Dominick Grift 8d4335e
Dominick Grift 8d4335e 
########################################
Dominick Grift 8d4335e 
## <summary>
Dominick Grift 8d4335e 
##	Execute lightsquid in the
Dominick Grift 8d4335e 
##	lightsquid domain, and allow the
Dominick Grift 8d4335e 
##	specified role the lightsquid domain.
Dominick Grift 8d4335e 
## </summary>
Dominick Grift 8d4335e 
## <param name="domain">
Dominick Grift 8d4335e 
##	<summary>
Dominick Grift 8d4335e 
##	Domain allowed to transition.
Dominick Grift 8d4335e 
##	</summary>
Dominick Grift 8d4335e 
## </param>
Dominick Grift 8d4335e 
## <param name="role">
Dominick Grift 8d4335e 
##	<summary>
Dominick Grift 8d4335e 
##	Role allowed access.
Dominick Grift 8d4335e 
##	</summary>
Dominick Grift 8d4335e 
## </param>
Dominick Grift 8d4335e 
#
Dominick Grift 8d4335e 
interface(`lightsquid_run',`
Dominick Grift 8d4335e 
	gen_require(`
Dominick Grift f5315a6 
		attribute_role lightsquid_roles;
Dominick Grift 8d4335e 
	')
Dominick Grift 8d4335e
Dominick Grift 8d4335e 
	lightsquid_domtrans($1)
Dominick Grift f5315a6 
	roleattribute $2 lightsquid_roles;
Dominick Grift 8d4335e 
')
Dominick Grift fdb39ab
Dominick Grift fdb39ab 
########################################
Dominick Grift fdb39ab 
## <summary>
Dominick Grift fdb39ab 
##	All of the rules required to
Dominick Grift fdb39ab 
##	administrate an lightsquid environment.
Dominick Grift fdb39ab 
## </summary>
Dominick Grift fdb39ab 
## <param name="domain">
Dominick Grift fdb39ab 
##	<summary>
Dominick Grift fdb39ab 
##	Domain allowed access.
Dominick Grift fdb39ab 
##	</summary>
Dominick Grift fdb39ab 
## </param>
Dominick Grift fdb39ab 
## <param name="role">
Dominick Grift fdb39ab 
##	<summary>
Dominick Grift fdb39ab 
##	Role allowed access.
Dominick Grift fdb39ab 
##	</summary>
Dominick Grift fdb39ab 
## </param>
Dominick Grift fdb39ab 
## <rolecap/>
Dominick Grift fdb39ab 
#
Dominick Grift fdb39ab 
interface(`lightsquid_admin',`
Dominick Grift fdb39ab 
	gen_require(`
Dominick Grift fdb39ab 
		type lightsquid_t, lightsquid_rw_content_t;
Dominick Grift fdb39ab 
	')
Dominick Grift fdb39ab
Dominick Grift fdb39ab 
	allow $1 lightsquid_t:process { ptrace signal_perms };
Dominick Grift fdb39ab 
	ps_process_pattern($1, lightsquid_t)
Dominick Grift fdb39ab
Dominick Grift fdb39ab 
	lightsquid_run($1, $2)
Dominick Grift fdb39ab
Dominick Grift fdb39ab 
	files_search_var_lib($1)
Dominick Grift fdb39ab 
	admin_pattern($1, lightsquid_rw_content_t)
Dominick Grift fdb39ab
366763e 
	optional_policy(`
366763e 
		apache_list_sys_content($1)
366763e 
	')
Dominick Grift fdb39ab 
')
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.