rpms / selinux-policy

Clone
Source Code
GIT

Blame mls/domains/program/newrole.te

c10s-sig-hyperscale c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   7e0fa55f06a210c3ff6e09ae70dbfc30bfffc2b0
  2.   mls
  3.   domains
  4.   program
  5.   newrole.te
Blob History Raw
Chris PeBenito 31b7c0 
#DESC Newrole - SELinux utility to run a shell with a new role
Chris PeBenito 31b7c0 
#
Chris PeBenito 31b7c0 
# Authors:  Anthony Colatrella (NSA)
Chris PeBenito 31b7c0 
# Maintained by Stephen Smalley <sds@epoch.ncsc.mil>
Chris PeBenito 31b7c0 
# X-Debian-Packages: policycoreutils
Chris PeBenito 31b7c0 
#
Chris PeBenito 31b7c0
Chris PeBenito 31b7c0 
# secure mode means that newrole/sudo/su/userhelper cannot reach sysadm_t
Chris PeBenito 31b7c0 
bool secure_mode false;
Chris PeBenito 31b7c0
Chris PeBenito 31b7c0 
type newrole_exec_t, file_type, exec_type, sysadmfile;
Chris PeBenito 31b7c0 
domain_auto_trans(userdomain, newrole_exec_t, newrole_t)
Chris PeBenito 31b7c0
Chris PeBenito 31b7c0 
newrole_domain(newrole)
Chris PeBenito 31b7c0
Chris PeBenito 31b7c0 
# Write to utmp.
Chris PeBenito 31b7c0 
allow newrole_t var_run_t:dir r_dir_perms;
Chris PeBenito 31b7c0 
allow newrole_t initrc_var_run_t:file rw_file_perms;
Chris PeBenito 31b7c0
Chris PeBenito 31b7c0 
role secadm_r types newrole_t;
Chris PeBenito 31b7c0
Chris PeBenito 31b7c0 
ifdef(`targeted_policy', `
Chris PeBenito 31b7c0 
typeattribute newrole_t unconfinedtrans;
Chris PeBenito 31b7c0 
')

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation