rpms / selinux-policy

Clone
Source Code
GIT

Blame policy/modules/services/likewise.if

c10s-sig-hyperscale c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   5d8259746361f2d03fa2932116cd79bfccd9e42e
  2.   policy
  3.   modules
  4.   services
  5.   likewise.if
Blob History Raw
Dominick Grift 38fc1b 
## <summary>Likewise Active Directory support for UNIX.</summary>
Dominick Grift 38fc1b 
## <desc>
Chris PeBenito 827060 
##
Chris PeBenito 827060 
##	Likewise Open is a free, open source application that joins Linux, Unix,
Chris PeBenito 827060 
##	and Mac machines to Microsoft Active Directory to securely authenticate
Chris PeBenito 827060 
##	users with their domain credentials.
Chris PeBenito 827060 
##
Dominick Grift 38fc1b 
## </desc>
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
#######################################
Dominick Grift 38fc1b 
## <summary>
Dominick Grift 38fc1b 
##	The template to define a likewise domain.
Dominick Grift 38fc1b 
## </summary>
Dominick Grift 38fc1b 
## <desc>
Dominick Grift 38fc1b 
##
Dominick Grift 38fc1b 
##	This template creates a domain to be used for
Dominick Grift 38fc1b 
##	a new likewise daemon.
Dominick Grift 38fc1b 
##
Dominick Grift 38fc1b 
## </desc>
Dominick Grift 38fc1b 
## <param name="userdomain_prefix">
Dominick Grift 38fc1b 
##	<summary>
Dominick Grift 38fc1b 
##	The type of daemon to be used.
Dominick Grift 38fc1b 
##	</summary>
Dominick Grift 38fc1b 
## </param>
Dominick Grift 38fc1b 
#
Dominick Grift 38fc1b 
template(`likewise_domain_template',`
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	gen_require(`
Dominick Grift 38fc1b 
		attribute likewise_domains;
Dominick Grift 38fc1b 
		type likewise_var_lib_t;
Dominick Grift 38fc1b 
	')
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	########################################
Dominick Grift 38fc1b 
	#
Dominick Grift 38fc1b 
	# Declarations
Dominick Grift 38fc1b 
	#
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	type $1_t;
Dominick Grift 38fc1b 
	type $1_exec_t;
Dominick Grift 38fc1b 
	init_daemon_domain($1_t, $1_exec_t)
Dominick Grift 38fc1b 
	domain_use_interactive_fds($1_t)
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	typeattribute $1_t likewise_domains;
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	type $1_var_run_t;
Dominick Grift 38fc1b 
	files_pid_file($1_var_run_t)
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	type $1_var_socket_t;
Dominick Grift 38fc1b 
	files_type($1_var_socket_t)
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	type $1_var_lib_t;
Dominick Grift 38fc1b 
	files_type($1_var_lib_t)
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	####################################
Dominick Grift 38fc1b 
	#
Dominick Grift 38fc1b 
	# Local Policy
Dominick Grift 38fc1b 
	#
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	allow $1_t self:process { signal_perms getsched setsched };
Dominick Grift 38fc1b 
	allow $1_t self:fifo_file rw_fifo_file_perms;
Dominick Grift 38fc1b 
	allow $1_t self:unix_dgram_socket create_socket_perms;
Dominick Grift 38fc1b 
	allow $1_t self:unix_stream_socket create_stream_socket_perms;
Dominick Grift 38fc1b 
	allow $1_t self:tcp_socket create_stream_socket_perms;
Dominick Grift 38fc1b 
	allow $1_t self:udp_socket create_socket_perms;
Dominick Grift 38fc1b
Dominick Grift f66acf 
	allow $1_t likewise_var_lib_t:dir setattr_dir_perms;
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	manage_files_pattern($1_t, $1_var_run_t, $1_var_run_t)
Dominick Grift 38fc1b 
	files_pid_filetrans($1_t, $1_var_run_t, file)
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	manage_files_pattern($1_t, likewise_var_lib_t, $1_var_lib_t)
Dominick Grift 38fc1b 
	filetrans_pattern($1_t, likewise_var_lib_t, $1_var_lib_t, file)
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	manage_sock_files_pattern($1_t, likewise_var_lib_t, $1_var_socket_t)
Dominick Grift 38fc1b 
	filetrans_pattern($1_t, likewise_var_lib_t, $1_var_socket_t, sock_file)
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	dev_read_rand($1_t)
Dominick Grift 38fc1b 
	dev_read_urand($1_t)
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	files_read_etc_files($1_t)
Dominick Grift 38fc1b 
	files_search_var_lib($1_t)
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	logging_send_syslog_msg($1_t)
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	miscfiles_read_localization($1_t)
Dominick Grift 38fc1b 
')
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
########################################
Dominick Grift 38fc1b 
## <summary>
Dominick Grift 38fc1b 
##	Connect to lsassd.
Dominick Grift 38fc1b 
## </summary>
Dominick Grift 38fc1b 
## <param name="domain">
Dominick Grift 38fc1b 
##	<summary>
Dominick Grift 38fc1b 
##	Domain allowed access.
Dominick Grift 38fc1b 
##	</summary>
Dominick Grift 38fc1b 
## </param>
Dominick Grift 38fc1b 
#
Dominick Grift 38fc1b 
interface(`likewise_stream_connect_lsassd',`
Dominick Grift 38fc1b 
	gen_require(`
Dominick Grift 38fc1b 
		type likewise_var_lib_t, lsassd_var_socket_t, lsassd_t;
Dominick Grift 38fc1b 
	')
Dominick Grift 38fc1b
Dominick Grift 38fc1b 
	files_search_pids($1)
Dominick Grift 38fc1b 
	stream_connect_pattern($1, likewise_var_lib_t, lsassd_var_socket_t, lsassd_t)
Dominick Grift 38fc1b 
')

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation