Blame policy/modules/apps/wine.te
|
Chris PeBenito |
29af4c |
policy_module(wine, 1.7.0)
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
# Declarations
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
type wine_t;
|
|
Chris PeBenito |
17de1b |
type wine_exec_t;
|
|
Chris PeBenito |
0bfccd |
application_domain(wine_t, wine_exec_t)
|
|
Chris PeBenito |
4796d0 |
ubac_constrained(wine_t)
|
|
Chris PeBenito |
4796d0 |
role system_r types wine_t;
|
|
Chris PeBenito |
4796d0 |
|
|
Chris PeBenito |
4796d0 |
type wine_tmp_t;
|
|
Chris PeBenito |
4796d0 |
files_tmp_file(wine_tmp_t)
|
|
Chris PeBenito |
4796d0 |
ubac_constrained(wine_tmp_t)
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
# Local policy
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
4796d0 |
allow wine_t self:process { execstack execmem execheap };
|
|
Chris PeBenito |
4796d0 |
allow wine_t self:fifo_file manage_fifo_file_perms;
|
|
Chris PeBenito |
4796d0 |
|
|
Chris PeBenito |
4796d0 |
can_exec(wine_t, wine_exec_t)
|
|
Chris PeBenito |
4796d0 |
|
|
Chris PeBenito |
4796d0 |
manage_dirs_pattern(wine_t, wine_tmp_t, wine_tmp_t)
|
|
Chris PeBenito |
4796d0 |
manage_files_pattern(wine_t, wine_tmp_t, wine_tmp_t)
|
|
Chris PeBenito |
4796d0 |
files_tmp_filetrans(wine_t, wine_tmp_t, { file dir })
|
|
Chris PeBenito |
4796d0 |
|
|
Chris PeBenito |
4796d0 |
domain_mmap_low(wine_t)
|
|
Chris PeBenito |
4796d0 |
|
|
Chris PeBenito |
4796d0 |
files_execmod_all_files(wine_t)
|
|
Chris PeBenito |
4796d0 |
|
|
Chris PeBenito |
296273 |
userdom_use_user_terminals(wine_t)
|
|
Chris PeBenito |
296273 |
|
|
Chris PeBenito |
350b6a |
optional_policy(`
|
|
Chris PeBenito |
4796d0 |
hal_dbus_chat(wine_t)
|
|
Chris PeBenito |
4796d0 |
')
|
|
Chris PeBenito |
4796d0 |
|
|
Chris PeBenito |
4796d0 |
optional_policy(`
|
|
Chris PeBenito |
17de1b |
unconfined_domain_noaudit(wine_t)
|
|
Chris PeBenito |
4796d0 |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
4796d0 |
optional_policy(`
|
|
Chris PeBenito |
4796d0 |
xserver_read_xdm_pid(wine_t)
|
|
Chris PeBenito |
4796d0 |
xserver_rw_shm(wine_t)
|
|
Chris PeBenito |
17de1b |
')
|