Changeset 90 for selinux/build/afsd.if
- Timestamp:
- Jan 20, 2007, 9:31:21 PM (18 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
selinux/build/afsd.if
r81 r90 1 ## <summary>policy for afs</summary> 1 # Joe Presbrey 2 # presbrey@mit.edu 3 # 2006/1/15 2 4 3 ########################################4 ## <summary>5 ## Execute a domain transition to run afs.6 ## </summary>7 ## <param name="domain">8 ## <summary>9 ## Domain allowed to transition.10 ## </summary>11 ## </param>12 #13 5 interface(`afsd_domtrans',` 14 6 gen_require(` … … 26 18 interface(`afs_access',` 27 19 gen_require(` 20 type afs_t, afs_bin_t; 28 21 type afsd_t, afsd_etc_t; 29 type autofs_t, nfs_t;30 22 ') 31 allow $1 afsd_t:udp_socket all_udp_socket_perms; 23 24 allow $1 afs_bin_t:file rx_file_perms; 25 domain_auto_trans($1, afs_bin_t, afs_t) 26 allow afs_t $1:fd use; 27 allow afs_t $1:process sigchld; 28 29 allow $1 afsd_t:udp_socket write; 32 30 allow $1 afsd_etc_t:dir r_dir_perms; 33 31 allow $1 afsd_etc_t:file r_file_perms; 34 32 allow $1 afsd_etc_t:lnk_file r_file_perms; 35 allow $1 autofs_t:dir all_dir_perms; 36 allow $1 autofs_t:lnk_file all_lnk_file_perms; 37 allow $1 nfs_t:dir all_dir_perms; 38 allow $1 nfs_t:file all_file_perms; 39 allow $1 nfs_t:lnk_file all_lnk_file_perms; 40 allow $1 nfs_t:sock_file all_sock_file_perms; 41 allow $1 nfs_t:fifo_file all_fifo_file_perms; 42 allow $1 nfs_t:chr_file all_chr_file_perms; 43 allow $1 nfs_t:blk_file all_blk_file_perms; 33 fs_manage_autofs_symlinks($1) 34 fs_manage_nfs_dirs($1) 35 fs_manage_nfs_files($1) 36 fs_manage_nfs_symlinks($1) 37 fs_manage_nfs_named_pipes($1) 38 fs_manage_nfs_named_sockets($1) 44 39 ')
Note: See TracChangeset
for help on using the changeset viewer.