rpms / selinux-policy

Clone
Source Code
GIT

Blame policy/modules/services/hddtemp.if

c10s-sig-hyperscale c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   9a2fd7d1445dca055e47a4ca20213fb231d6ce44
  2.   policy
  3.   modules
  4.   services
  5.   hddtemp.if
Blob History Raw
Dominick Grift a00fc1 
## <summary>hddtemp hard disk temperature tool running as a daemon.</summary>
Chris PeBenito aa8300
Chris PeBenito aa8300 
#######################################
Chris PeBenito aa8300 
## <summary>
Chris PeBenito 113d2e 
##	Execute a domain transition to run hddtemp.
Chris PeBenito aa8300 
## </summary>
Chris PeBenito aa8300 
## <param name="domain">
Chris PeBenito aa8300 
##	<summary>
Dominick Grift a00fc1 
##	Domain allowed to transition.
Chris PeBenito aa8300 
##	</summary>
Chris PeBenito aa8300 
## </param>
Chris PeBenito aa8300 
#
Chris PeBenito aa8300 
interface(`hddtemp_domtrans',`
Chris PeBenito aa8300 
	gen_require(`
Chris PeBenito aa8300 
		type hddtemp_t, hddtemp_exec_t;
Chris PeBenito aa8300 
	')
Chris PeBenito aa8300
Chris PeBenito aa8300 
	domtrans_pattern($1, hddtemp_exec_t, hddtemp_t)
Dominick Grift a00fc1 
	corecmd_search_bin($1)
Chris PeBenito aa8300 
')
Chris PeBenito aa8300
Chris PeBenito aa8300 
######################################
Chris PeBenito aa8300 
## <summary>
Dominick Grift a00fc1 
##	Execute hddtemp.
Chris PeBenito aa8300 
## </summary>
Chris PeBenito aa8300 
## <param name="domain">
Chris PeBenito aa8300 
##	<summary>
Chris PeBenito aa8300 
##	Domain allowed access.
Chris PeBenito aa8300 
##	</summary>
Chris PeBenito aa8300 
## </param>
Chris PeBenito aa8300 
#
Chris PeBenito aa8300 
interface(`hddtemp_exec',`
Chris PeBenito aa8300 
	gen_require(`
Chris PeBenito aa8300 
		type hddtemp_exec_t;
Chris PeBenito aa8300 
	')
Chris PeBenito aa8300
Chris PeBenito aa8300 
	can_exec($1, hddtemp_exec_t)
Dominick Grift a00fc1 
	corecmd_search_bin($1)
Dominick Grift a00fc1 
')
Dominick Grift a00fc1
Dominick Grift a00fc1 
########################################
Dominick Grift a00fc1 
## <summary>
Dominick Grift a00fc1 
##	All of the rules required to
Dominick Grift a00fc1 
##	administrate an hddtemp environment.
Dominick Grift a00fc1 
## </summary>
Dominick Grift a00fc1 
## <param name="domain">
Dominick Grift a00fc1 
##	<summary>
Dominick Grift a00fc1 
##	Domain allowed access.
Dominick Grift a00fc1 
##	</summary>
Dominick Grift a00fc1 
## </param>
Dominick Grift a00fc1 
## <param name="role">
Dominick Grift a00fc1 
##	<summary>
Dominick Grift a00fc1 
##	Role allowed access.
Dominick Grift a00fc1 
##	</summary>
Dominick Grift a00fc1 
## </param>
Dominick Grift a00fc1 
## <rolecap/>
Dominick Grift a00fc1 
#
Dominick Grift a00fc1 
interface(`hddtemp_admin',`
Dominick Grift a00fc1 
	gen_require(`
Dominick Grift a00fc1 
		type hddtemp_t, hddtemp_etc_t, hddtemp_initrc_exec_t;
Dominick Grift a00fc1 
	')
Dominick Grift a00fc1
Dominick Grift a00fc1 
	allow $1 hddtemp_t:process { ptrace signal_perms };
Dominick Grift a00fc1 
	ps_process_pattern($1, hddtemp_t)
Dominick Grift a00fc1
Dominick Grift a00fc1 
	init_labeled_script_domtrans($1, hddtemp_initrc_exec_t)
Dominick Grift a00fc1 
	domain_system_change_exemption($1)
Dominick Grift a00fc1 
	role_transition $2 hddtemp_initrc_exec_t system_r;
Dominick Grift a00fc1 
	allow $2 system_r;
Dominick Grift a00fc1
Dominick Grift a00fc1 
	admin_pattern($1, hddtemp_etc_t)
Dominick Grift a00fc1 
	files_search_etc($1)
Chris PeBenito aa8300 
')

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation