rpms / selinux-policy

Clone
Source Code
GIT

Blame policy/modules/admin/amanda.if

c10s-sig-hyperscale c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   2fc79f1ef4f3928c3d33b20c3274e87ae148b5f6
  2.   policy
  3.   modules
  4.   admin
  5.   amanda.if
Blob History Raw
Chris PeBenito 44fc06 
## <summary>Automated backup program.</summary>
Chris PeBenito 44fc06
Chris PeBenito 44fc06 
########################################
Chris PeBenito 44fc06 
## <summary>
Chris PeBenito 44fc06 
##	Execute amrecover in the amanda_recover domain.
Chris PeBenito 44fc06 
## </summary>
Chris PeBenito 44fc06 
## <param name="domain">
Chris PeBenito 885b83 
##	<summary>
Dominick Grift 77e4b5 
##	Domain allowed to transition.
Chris PeBenito 885b83 
##	</summary>
Chris PeBenito 44fc06 
## </param>
Chris PeBenito 44fc06 
#
Chris PeBenito 44fc06 
interface(`amanda_domtrans_recover',`
Chris PeBenito 44fc06 
	gen_require(`
Chris PeBenito 44fc06 
		type amanda_recover_t, amanda_recover_exec_t;
Chris PeBenito 44fc06 
	')
Chris PeBenito 44fc06
Chris PeBenito 0bfccd 
	domtrans_pattern($1, amanda_recover_exec_t, amanda_recover_t)
Chris PeBenito 44fc06 
')
Chris PeBenito 44fc06
Chris PeBenito 44fc06 
########################################
Chris PeBenito 44fc06 
## <summary>
Chris PeBenito 44fc06 
##	Execute amrecover in the amanda_recover domain, and
Chris PeBenito 44fc06 
##	allow the specified role the amanda_recover domain.
Chris PeBenito 44fc06 
## </summary>
Chris PeBenito 44fc06 
## <param name="domain">
Chris PeBenito 885b83 
##	<summary>
Dominick Grift 77e4b5 
##	Domain allowed to transition.
Chris PeBenito 885b83 
##	</summary>
Chris PeBenito 44fc06 
## </param>
Chris PeBenito 44fc06 
## <param name="role">
Chris PeBenito 885b83 
##	<summary>
Chris PeBenito a7ee7f 
##	Role allowed access.
Chris PeBenito 885b83 
##	</summary>
Chris PeBenito 44fc06 
## </param>
Chris PeBenito bbcd3c 
## <rolecap/>
Chris PeBenito 44fc06 
#
Chris PeBenito 44fc06 
interface(`amanda_run_recover',`
Chris PeBenito 44fc06 
	gen_require(`
Chris PeBenito 44fc06 
		type amanda_recover_t;
Chris PeBenito 44fc06 
	')
Chris PeBenito 44fc06
Chris PeBenito 44fc06 
	amanda_domtrans_recover($1)
Chris PeBenito 44fc06 
	role $2 types amanda_recover_t;
Chris PeBenito 44fc06 
')
Chris PeBenito 44fc06
Chris PeBenito 44fc06 
########################################
Chris PeBenito 44fc06 
## <summary>
Chris PeBenito 44fc06 
##	Search amanda library directories.
Chris PeBenito 44fc06 
## </summary>
Chris PeBenito 44fc06 
## <param name="domain">
Chris PeBenito 885b83 
##	<summary>
Chris PeBenito a72e42 
##	Domain allowed access.
Chris PeBenito 885b83 
##	</summary>
Chris PeBenito 44fc06 
## </param>
Chris PeBenito 44fc06 
#
Chris PeBenito 44fc06 
interface(`amanda_search_lib',`
Chris PeBenito 44fc06 
	gen_require(`
Chris PeBenito 44fc06 
		type amanda_usr_lib_t;
Chris PeBenito 44fc06 
	')
Chris PeBenito 44fc06
Chris PeBenito c0868a 
	allow $1 amanda_usr_lib_t:dir search_dir_perms;
Chris PeBenito 44fc06 
	files_search_usr($1)
Chris PeBenito 44fc06 
')
Chris PeBenito 757207
Chris PeBenito 757207 
########################################
Chris PeBenito 757207 
## <summary>
Chris PeBenito 757207 
##	Do not audit attempts to read /etc/dumpdates.
Chris PeBenito 757207 
## </summary>
Chris PeBenito 757207 
## <param name="domain">
Chris PeBenito 885b83 
##	<summary>
Chris PeBenito 757207 
##	Domain to not audit.
Chris PeBenito 885b83 
##	</summary>
Chris PeBenito 757207 
## </param>
Chris PeBenito 757207 
#
Chris PeBenito 757207 
interface(`amanda_dontaudit_read_dumpdates',`
Chris PeBenito 757207 
	gen_require(`
Chris PeBenito 757207 
		type amanda_dumpdates_t;
Chris PeBenito 757207 
	')
Chris PeBenito 757207
Chris PeBenito 757207 
	dontaudit $1 amanda_dumpdates_t:file { getattr read };
Chris PeBenito 757207 
')
Chris PeBenito 46c69c
Chris PeBenito 46c69c 
########################################
Chris PeBenito 46c69c 
## <summary>
Chris PeBenito 46c69c 
##	Allow read/writing /etc/dumpdates.
Chris PeBenito 46c69c 
## </summary>
Chris PeBenito 46c69c 
## <param name="domain">
Chris PeBenito 46c69c 
##	<summary>
Dominick Grift 77e4b5 
##	Domain allowed access.
Chris PeBenito 46c69c 
##	</summary>
Chris PeBenito 46c69c 
## </param>
Chris PeBenito 46c69c 
#
Chris PeBenito 46c69c 
interface(`amanda_rw_dumpdates_files',`
Chris PeBenito 46c69c 
	gen_require(`
Chris PeBenito 46c69c 
		type amanda_dumpdates_t;
Chris PeBenito 46c69c 
	')
Chris PeBenito 46c69c
Chris PeBenito 46c69c 
	allow $1 amanda_dumpdates_t:file rw_file_perms;
Chris PeBenito 46c69c 
')
Chris PeBenito d6d16b
Chris PeBenito d6d16b 
########################################
Chris PeBenito d6d16b 
## <summary>
Chris PeBenito d6d16b 
##	Search amanda library directories.
Chris PeBenito d6d16b 
## </summary>
Chris PeBenito d6d16b 
## <param name="domain">
Chris PeBenito d6d16b 
##	<summary>
Chris PeBenito a72e42 
##	Domain allowed access.
Chris PeBenito d6d16b 
##	</summary>
Chris PeBenito d6d16b 
## </param>
Chris PeBenito d6d16b 
#
Chris PeBenito d6d16b 
interface(`amanda_manage_lib',`
Chris PeBenito d6d16b 
	gen_require(`
Chris PeBenito d6d16b 
		type amanda_usr_lib_t;
Chris PeBenito d6d16b 
	')
Chris PeBenito d6d16b
Chris PeBenito d6d16b 
	allow $1 amanda_usr_lib_t:dir manage_dir_perms;
Chris PeBenito d6d16b 
	files_search_usr($1)
Chris PeBenito d6d16b 
')
Chris PeBenito d6d16b
Chris PeBenito 46c69c 
########################################
Chris PeBenito 46c69c 
## <summary>
Chris PeBenito 46c69c 
##	Allow read/writing amanda logs
Chris PeBenito 46c69c 
## </summary>
Chris PeBenito 46c69c 
## <param name="domain">
Chris PeBenito 46c69c 
##	<summary>
Dominick Grift 77e4b5 
##	Domain allowed access.
Chris PeBenito 46c69c 
##	</summary>
Chris PeBenito 46c69c 
## </param>
Chris PeBenito 46c69c 
#
Chris PeBenito 46c69c 
interface(`amanda_append_log_files',`
Chris PeBenito 46c69c 
	gen_require(`
Chris PeBenito 46c69c 
		type amanda_log_t;
Chris PeBenito 46c69c 
	')
Chris PeBenito 46c69c
Chris PeBenito c0868a 
	allow $1 amanda_log_t:file { read_file_perms append_file_perms };
Chris PeBenito 46c69c 
')
Chris PeBenito bc01b3
Chris PeBenito bc01b3 
#######################################
Chris PeBenito bc01b3 
## <summary>
Chris PeBenito bc01b3 
##	Search amanda var library directories.
Chris PeBenito bc01b3 
## </summary>
Chris PeBenito bc01b3 
## <param name="domain">
Chris PeBenito bc01b3 
##	<summary>
Chris PeBenito a72e42 
##	Domain allowed access.
Chris PeBenito bc01b3 
##	</summary>
Chris PeBenito bc01b3 
## </param>
Chris PeBenito bc01b3 
#
Chris PeBenito bc01b3 
interface(`amanda_search_var_lib',`
Chris PeBenito bc01b3 
	gen_require(`
Chris PeBenito bc01b3 
		type amanda_var_lib_t;
Chris PeBenito bc01b3 
	')
Chris PeBenito bc01b3
Chris PeBenito bc01b3 
	files_search_var_lib($1)
Chris PeBenito bc01b3 
	allow $1 amanda_var_lib_t:dir search_dir_perms;
Chris PeBenito bc01b3
Chris PeBenito bc01b3 
')

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation