| Last change
                  on this file since 2372 was
                  91,
                  checked in by presbrey, 19 years ago | 
        
          | Zephyr strict SELinux module | 
        | File size:
            601 bytes | 
      
      
        
  | Line |  | 
|---|
| 1 | # Joe Presbrey | 
|---|
| 2 | # presbrey@mit.edu | 
|---|
| 3 | # 2006/1/15 | 
|---|
| 4 |  | 
|---|
| 5 | interface(`zephyr_domtrans',` | 
|---|
| 6 | gen_requires(` | 
|---|
| 7 | type zephyr_t, zephyr_exec_t; | 
|---|
| 8 | ') | 
|---|
| 9 |  | 
|---|
| 10 | domain_auto_trans($1,zephyr_exec_t,zephyr_t) | 
|---|
| 11 |  | 
|---|
| 12 | allow $1 zephyr_t:fd use; | 
|---|
| 13 | allow zephyr_t $1:fd use; | 
|---|
| 14 | allow zephyr_t:$1:fifo_file rw_file_perms; | 
|---|
| 15 | allow zephyr_t $1:process sigchld; | 
|---|
| 16 | ') | 
|---|
| 17 |  | 
|---|
| 18 | template(`zephyr_access',` | 
|---|
| 19 | require { | 
|---|
| 20 | type zephyr_t, zephyr_bin_t; | 
|---|
| 21 | } | 
|---|
| 22 |  | 
|---|
| 23 | allow $1 zephyr_t:udp_socket { read write }; | 
|---|
| 24 | can_exec($1, zephyr_t) | 
|---|
| 25 | can_exec($1, zephyr_bin_t) | 
|---|
| 26 | ') | 
|---|
       
      
      Note: See 
TracBrowser
        for help on using the repository browser.