Blame policy/modules/admin/vbetool.te
|
Chris PeBenito |
9cca1cd |
|
|
Chris PeBenito |
6c91189 |
policy_module(vbetool,1.2.1)
|
|
Chris PeBenito |
9cca1cd |
|
|
Chris PeBenito |
9cca1cd |
########################################
|
|
Chris PeBenito |
9cca1cd |
#
|
|
Chris PeBenito |
9cca1cd |
# Declarations
|
|
Chris PeBenito |
9cca1cd |
#
|
|
Chris PeBenito |
9cca1cd |
|
|
Chris PeBenito |
9cca1cd |
type vbetool_t;
|
|
Chris PeBenito |
9cca1cd |
type vbetool_exec_t;
|
|
Chris PeBenito |
9cca1cd |
init_system_domain(vbetool_t,vbetool_exec_t)
|
|
Chris PeBenito |
9cca1cd |
|
|
Chris PeBenito |
9cca1cd |
########################################
|
|
Chris PeBenito |
9cca1cd |
#
|
|
Chris PeBenito |
9cca1cd |
# Local policy
|
|
Chris PeBenito |
9cca1cd |
#
|
|
Chris PeBenito |
9cca1cd |
|
|
Chris PeBenito |
a3cf80d |
allow vbetool_t self:capability { sys_tty_config sys_admin };
|
|
Chris PeBenito |
9cca1cd |
allow vbetool_t self:process execmem;
|
|
Chris PeBenito |
9cca1cd |
|
|
Chris PeBenito |
9cca1cd |
dev_wx_raw_memory(vbetool_t)
|
|
Chris PeBenito |
9cca1cd |
dev_read_raw_memory(vbetool_t)
|
|
Chris PeBenito |
207c476 |
dev_rwx_zero(vbetool_t)
|
|
Chris PeBenito |
9cca1cd |
dev_read_sysfs(vbetool_t)
|
|
Chris PeBenito |
9cca1cd |
|
|
Chris PeBenito |
a3cf80d |
term_use_unallocated_ttys(vbetool_t)
|
|
Chris PeBenito |
a3cf80d |
|
|
Chris PeBenito |
9cca1cd |
libs_use_ld_so(vbetool_t)
|
|
Chris PeBenito |
9cca1cd |
libs_use_shared_libs(vbetool_t)
|
|
Chris PeBenito |
a3cf80d |
|
|
Chris PeBenito |
a3cf80d |
miscfiles_read_localization(vbetool_t)
|
|
Chris PeBenito |
a3cf80d |
|
|
Chris PeBenito |
bb7170f |
optional_policy(`
|
|
Chris PeBenito |
a3cf80d |
hal_rw_pid_files(vbetool_t)
|
|
Chris PeBenito |
016e5c5 |
hal_write_log(vbetool_t)
|
|
Chris PeBenito |
6c91189 |
hal_dontaudit_append_lib_files(vbetool_t)
|
|
Chris PeBenito |
a3cf80d |
')
|