Tree - rpms/selinux-policy - CentOS Git server

rpms / selinux-policy

Blame mls/macros/program/iceauth_macros.te

Blob History Raw

Chris PeBenito	31b7c0	`#`
Chris PeBenito	31b7c0	`# Macros for iceauth domains.`
Chris PeBenito	31b7c0	`#`
Chris PeBenito	31b7c0	`# Author: Ivan Gyurdiev <gyurdiev@redhat.com>`
Chris PeBenito	31b7c0	`#`
Chris PeBenito	31b7c0	`# iceauth_domain(domain_prefix)`
Chris PeBenito	31b7c0
Chris PeBenito	31b7c0	define(`iceauth_domain',`
Chris PeBenito	31b7c0
Chris PeBenito	31b7c0	`# Program type`
Chris PeBenito	31b7c0	`type $1_iceauth_t, domain;`
Chris PeBenito	31b7c0
Chris PeBenito	31b7c0	`# Transition from the user domain to this domain.`
Chris PeBenito	31b7c0	`domain_auto_trans($1_t, iceauth_exec_t, $1_iceauth_t)`
Chris PeBenito	31b7c0	`role $1_r types $1_iceauth_t;`
Chris PeBenito	31b7c0
Chris PeBenito	31b7c0	`# Store .ICEauthority files`
Chris PeBenito	31b7c0	`home_domain($1, iceauth)`
Chris PeBenito	31b7c0	`file_type_auto_trans($1_iceauth_t, $1_home_dir_t, $1_iceauth_home_t, file)`
Chris PeBenito	31b7c0
Chris PeBenito	31b7c0	`# Supress xdm trying to restore .ICEauthority permissions`
Chris PeBenito	31b7c0	ifdef(`xdm.te', `
Chris PeBenito	31b7c0	`dontaudit xdm_t $1_iceauth_home_t:file r_file_perms;`
Chris PeBenito	31b7c0	`')`
Chris PeBenito	31b7c0
Chris PeBenito	31b7c0	`# /root`
Chris PeBenito	31b7c0	`allow $1_iceauth_t root_t:dir search;`
Chris PeBenito	31b7c0
Chris PeBenito	31b7c0	`# Terminal output`
Chris PeBenito	31b7c0	`access_terminal($1_iceauth_t, $1)`
Chris PeBenito	31b7c0
Chris PeBenito	31b7c0	`uses_shlib($1_iceauth_t)`
Chris PeBenito	31b7c0
Chris PeBenito	31b7c0	`# ???`
Chris PeBenito	31b7c0	`allow $1_iceauth_t etc_t:dir search;`
Chris PeBenito	31b7c0	`allow $1_iceauth_t usr_t:dir search;`
Chris PeBenito	31b7c0
Chris PeBenito	31b7c0	`# FIXME: policy is incomplete`
Chris PeBenito	31b7c0
Chris PeBenito	31b7c0	`')dnl end xauth_domain macro`

rpms / selinux-policy

Source Code

Blame mls/macros/program/iceauth_macros.te