rpms / selinux-policy

Clone
Source Code
GIT

Blame policy/modules/services/oident.if

c10s-sig-hyperscale c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   98759716fefb2c80a976a1ae9f537736f2781dfe
  2.   policy
  3.   modules
  4.   services
  5.   oident.if
Blob History Raw
Chris PeBenito 73edbc 
## <summary>SELinux policy for Oident daemon.</summary>
Chris PeBenito 73edbc 
## <desc>
Chris PeBenito 73edbc 
##
Chris PeBenito 73edbc 
##	Oident daemon is a server that implements the TCP/IP
Chris PeBenito 73edbc 
##	standard IDENT user identification protocol as
Chris PeBenito 73edbc 
##	specified in the RFC 1413 document.
Chris PeBenito 73edbc 
##
Chris PeBenito 73edbc 
## </desc>
Chris PeBenito 73edbc
Chris PeBenito 296273 
########################################
Chris PeBenito 73edbc 
## <summary>
Chris PeBenito 296273 
##	Allow the specified domain to read
Chris PeBenito 296273 
##	Oidentd personal configuration files.
Chris PeBenito 73edbc 
## </summary>
Chris PeBenito 296273 
## <param name="domain">
Chris PeBenito 296273 
##	<summary>
Chris PeBenito 296273 
##	Domain allowed access.
Chris PeBenito 296273 
##	</summary>
Chris PeBenito 73edbc 
## </param>
Chris PeBenito 73edbc 
#
Chris PeBenito 296273 
interface(`oident_read_user_content', `
Chris PeBenito 73edbc 
	gen_require(`
Chris PeBenito 296273 
		type oidentd_home_t;
Chris PeBenito 73edbc 
	')
Chris PeBenito 73edbc
Chris PeBenito 296273 
	allow $1 oidentd_home_t:file read_file_perms;
Chris PeBenito 296273 
	userdom_search_user_home_dirs($1)
Chris PeBenito 296273 
')
Chris PeBenito 73edbc
Chris PeBenito 296273 
########################################
Chris PeBenito 296273 
## <summary>
Chris PeBenito 296273 
##	Allow the specified domain to create, read, write, and delete
Chris PeBenito 296273 
##	Oidentd personal configuration files.
Chris PeBenito 296273 
## </summary>
Chris PeBenito 296273 
## <param name="domain">
Chris PeBenito 296273 
##	<summary>
Chris PeBenito 296273 
##	Domain allowed access.
Chris PeBenito 296273 
##	</summary>
Chris PeBenito 296273 
## </param>
Chris PeBenito 296273 
#
Chris PeBenito 296273 
interface(`oident_manage_user_content', `
Chris PeBenito 296273 
	gen_require(`
Chris PeBenito 296273 
		type oidentd_home_t;
Chris PeBenito 296273 
	')
Chris PeBenito 73edbc
Chris PeBenito 296273 
	allow $1 oidentd_home_t:file manage_file_perms;
Chris PeBenito 296273 
	userdom_search_user_home_dirs($1)
Chris PeBenito 73edbc 
')
Chris PeBenito 73edbc
Chris PeBenito 73edbc 
########################################
Chris PeBenito 73edbc 
## <summary>
Chris PeBenito 296273 
##	Allow the specified domain to relabel
Chris PeBenito 73edbc 
##	Oidentd personal configuration files.
Chris PeBenito 73edbc 
## </summary>
Chris PeBenito 73edbc 
## <param name="domain">
Chris PeBenito 73edbc 
##	<summary>
Chris PeBenito 73edbc 
##	Domain allowed access.
Chris PeBenito 73edbc 
##	</summary>
Chris PeBenito 73edbc 
## </param>
Chris PeBenito 73edbc 
#
Chris PeBenito 296273 
interface(`oident_relabel_user_content', `
Chris PeBenito 73edbc 
	gen_require(`
Chris PeBenito 296273 
		type oidentd_home_t;
Chris PeBenito 73edbc 
	')
Chris PeBenito 73edbc
Chris PeBenito 296273 
	allow $1 oidentd_home_t:file relabel_file_perms;
Chris PeBenito 296273 
	userdom_search_user_home_dirs($1)
Chris PeBenito 73edbc 
')

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation