psss / rpms / selinux-policy

Forked from rpms/selinux-policy 5 years ago
Clone
Source Code
GIT

Blame mplayer.if

f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f7 f8 f9 master master-docker master_contrib private-master-atomic-policy private-master-migrate-to-var-lib-selinux requires tests
  1.   3f229b0f2cbf7174a1db0dfb3cc5aa49887a21d2
  2.   mplayer.if
Blob History Raw
Chris PeBenito 9401ae1 
## <summary>Mplayer media player and encoder</summary>
Chris PeBenito 9401ae1
Chris PeBenito 9401ae1 
########################################
Chris PeBenito 9401ae1 
## <summary>
Chris PeBenito 9401ae1 
##	Role access for mplayer
Chris PeBenito 9401ae1 
## </summary>
Chris PeBenito 9401ae1 
## <param name="role">
Chris PeBenito 9401ae1 
##	<summary>
Chris PeBenito 9401ae1 
##	Role allowed access
Chris PeBenito 9401ae1 
##	</summary>
Chris PeBenito 9401ae1 
## </param>
Chris PeBenito 9401ae1 
## <param name="domain">
Chris PeBenito 9401ae1 
##	<summary>
Chris PeBenito 9401ae1 
##	User domain for the role
Chris PeBenito 9401ae1 
##	</summary>
Chris PeBenito 9401ae1 
## </param>
Chris PeBenito 9401ae1 
#
Chris PeBenito 9401ae1 
interface(`mplayer_role',`
Chris PeBenito 9401ae1 
	gen_require(`
Chris PeBenito 9401ae1 
		type mencoder_t, mencoder_exec_t;
Chris PeBenito 9401ae1 
		type mplayer_t, mplayer_exec_t;
Chris PeBenito 9401ae1 
		type mplayer_home_t;
Chris PeBenito 9401ae1 
	')
Chris PeBenito 9401ae1
Chris PeBenito 9401ae1 
	role $1 types { mencoder_t mplayer_t };
Chris PeBenito 9401ae1
Chris PeBenito 9401ae1 
	# domain transition
Chris PeBenito 9401ae1 
	domtrans_pattern($2, mencoder_exec_t, mencoder_t)
Chris PeBenito 9401ae1
Chris PeBenito 9401ae1 
	# Allow the user domain to signal/ps.
Chris PeBenito 9401ae1 
	ps_process_pattern($2, mencoder_t)
Chris PeBenito 9401ae1 
	allow $2 mencoder_t:process signal_perms;
Chris PeBenito 9401ae1
Chris PeBenito 9401ae1 
	# Home access
Chris PeBenito 9401ae1 
	manage_dirs_pattern($2, mplayer_home_t, mplayer_home_t)
Chris PeBenito 9401ae1 
	manage_files_pattern($2, mplayer_home_t, mplayer_home_t)
Chris PeBenito 9401ae1 
	manage_lnk_files_pattern($2, mplayer_home_t, mplayer_home_t)
Chris PeBenito 9401ae1 
	relabel_dirs_pattern($2, mplayer_home_t, mplayer_home_t)
Chris PeBenito 9401ae1 
	relabel_files_pattern($2, mplayer_home_t, mplayer_home_t)
Chris PeBenito 9401ae1 
	relabel_lnk_files_pattern($2, mplayer_home_t, mplayer_home_t)
Chris PeBenito 9401ae1
Chris PeBenito 9401ae1 
	# domain transition
Chris PeBenito 9401ae1 
	domtrans_pattern($2, mplayer_exec_t, mplayer_t)
Chris PeBenito 9401ae1
Chris PeBenito 9401ae1 
	# Allow the user domain to signal/ps.
Chris PeBenito 9401ae1 
	ps_process_pattern($2, mplayer_t)
Chris PeBenito 9401ae1 
	allow $2 mplayer_t:process signal_perms;
Chris PeBenito 9401ae1 
')
Chris PeBenito 9401ae1
Chris PeBenito 9401ae1 
########################################
Chris PeBenito 9401ae1 
## <summary>
Chris PeBenito 9401ae1 
##	Run mplayer in mplayer domain.
Chris PeBenito 9401ae1 
## </summary>
Chris PeBenito 9401ae1 
## <param name="domain">
Chris PeBenito 9401ae1 
##	<summary>
Chris PeBenito 9401ae1 
##	Domain allowed to transition.
Chris PeBenito 9401ae1 
##	</summary>
Chris PeBenito 9401ae1 
## </param>
Chris PeBenito 9401ae1 
#
Chris PeBenito 9401ae1 
interface(`mplayer_domtrans',`
Chris PeBenito 9401ae1 
	gen_require(`
Chris PeBenito 9401ae1 
		type mplayer_t, mplayer_exec_t;
Chris PeBenito 9401ae1 
	')
Chris PeBenito 9401ae1
Chris PeBenito 9401ae1 
	domtrans_pattern($1, mplayer_exec_t, mplayer_t)
Chris PeBenito 9401ae1 
')
Chris PeBenito 9401ae1
Chris PeBenito 9401ae1 
########################################
Chris PeBenito 9401ae1 
## <summary>
Chris PeBenito 9401ae1 
##	Execute mplayer in the caller domain.
Chris PeBenito 9401ae1 
## </summary>
Chris PeBenito 9401ae1 
## <param name="domain">
Chris PeBenito 9401ae1 
##	<summary>
Chris PeBenito 9401ae1 
##	Domain allowed access.
Chris PeBenito 9401ae1 
##	</summary>
Chris PeBenito 9401ae1 
## </param>
Chris PeBenito 9401ae1 
#
Chris PeBenito 9401ae1 
#
Chris PeBenito 9401ae1 
interface(`mplayer_exec',`
Chris PeBenito 9401ae1 
	gen_require(`
Chris PeBenito 9401ae1 
		type mplayer_exec_t;
Chris PeBenito 9401ae1 
	')
Chris PeBenito 9401ae1
Chris PeBenito 9401ae1 
	can_exec($1, mplayer_exec_t)
Chris PeBenito 9401ae1 
')
Chris PeBenito 9401ae1
Chris PeBenito 9401ae1 
########################################
Chris PeBenito 9401ae1 
## <summary>
Chris PeBenito 9401ae1 
##	Read mplayer per user homedir
Chris PeBenito 9401ae1 
## </summary>
Chris PeBenito 9401ae1 
## <param name="domain">
Chris PeBenito 9401ae1 
##	<summary>
Chris PeBenito 9401ae1 
##	Domain allowed access.
Chris PeBenito 9401ae1 
##	</summary>
Chris PeBenito 9401ae1 
## </param>
Chris PeBenito 9401ae1 
#
Chris PeBenito 9401ae1 
interface(`mplayer_read_user_home_files',`
Chris PeBenito 9401ae1 
	gen_require(`
Chris PeBenito 9401ae1 
		type mplayer_home_t;
Chris PeBenito 9401ae1 
	')
Chris PeBenito 9401ae1
Chris PeBenito 9401ae1 
	read_files_pattern($1, mplayer_home_t, mplayer_home_t)
Chris PeBenito 9401ae1 
	userdom_search_user_home_dirs($1)
Chris PeBenito 9401ae1 
')
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.