psss / rpms / selinux-policy

Forked from rpms/selinux-policy 5 years ago
Clone
Source Code
GIT

Files

f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f7 f8 f9 master master-docker master_contrib private-master-atomic-policy private-master-migrate-to-var-lib-selinux requires tests
  1.   master_contrib
  2.   amanda.if
Blob Blame History Raw 
## <summary>Advanced Maryland Automatic Network Disk Archiver.</summary>

########################################
## <summary>
##	Execute a domain transition to run
##	Amanda recover.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed to transition.
##	</summary>
## </param>
#
interface(`amanda_domtrans_recover',`
	gen_require(`
		type amanda_recover_t, amanda_recover_exec_t;
	')

	corecmd_search_bin($1)
	domtrans_pattern($1, amanda_recover_exec_t, amanda_recover_t)
')

########################################
## <summary>
##	Execute a domain transition to run
##	Amanda recover, and allow the specified
##	role the Amanda recover domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed to transition.
##	</summary>
## </param>
## <param name="role">
##	<summary>
##	Role allowed access.
##	</summary>
## </param>
## <rolecap/>
#
interface(`amanda_run_recover',`
	gen_require(`
		attribute_role amanda_recover_roles;
	')

	amanda_domtrans_recover($1)
	roleattribute $2 amanda_recover_roles;
')

########################################
## <summary>
##	Search Amanda library directories.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`amanda_search_lib',`
	gen_require(`
		type amanda_usr_lib_t;
	')

	files_search_usr($1)
	allow $1 amanda_usr_lib_t:dir search_dir_perms;
')

########################################
## <summary>
##	Do not audit attempts to read /etc/dumpdates.
## </summary>
## <param name="domain">
##	<summary>
##	Domain to not audit.
##	</summary>
## </param>
#
interface(`amanda_dontaudit_read_dumpdates',`
	gen_require(`
		type amanda_dumpdates_t;
	')

	dontaudit $1 amanda_dumpdates_t:file read_file_perms;
')

########################################
## <summary>
##	Read and write /etc/dumpdates.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`amanda_rw_dumpdates_files',`
	gen_require(`
		type amanda_dumpdates_t;
	')

	files_search_etc($1)
	allow $1 amanda_dumpdates_t:file rw_file_perms;
')

########################################
## <summary>
##	Search Amanda library directories.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`amanda_manage_lib',`
	gen_require(`
		type amanda_usr_lib_t;
	')

	files_search_usr($1)
	allow $1 amanda_usr_lib_t:dir manage_dir_perms;
')

########################################
## <summary>
##	Read and append amanda log files.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`amanda_append_log_files',`
	gen_require(`
		type amanda_log_t;
	')

	logging_search_logs($1)
	allow $1 amanda_log_t:file { read_file_perms append_file_perms };
')

#######################################
## <summary>
##	Search Amanda var library directories.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`amanda_search_var_lib',`
	gen_require(`
		type amanda_var_lib_t;
	')

	files_search_var_lib($1)
	allow $1 amanda_var_lib_t:dir search_dir_perms;
')
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.