rpms / selinux-policy

Clone
Source Code
GIT

Blame policy/modules/services/tftp.if

c10s-sig-hyperscale c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   4931c57e4b9767f224ac77f0ac8af79a633550c0
  2.   policy
  3.   modules
  4.   services
  5.   tftp.if
Blob History Raw
Chris PeBenito 17de1b 
## <summary>Trivial file transfer protocol daemon</summary>
Chris PeBenito 7a5e2d
Chris PeBenito 7a5e2d 
########################################
Chris PeBenito 7a5e2d 
## <summary>
Chris PeBenito 27eab8 
##	Read tftp content
Dominick Grift 1031ee 
## </summary>
Dominick Grift 1031ee 
## <param name="domain">
Dominick Grift 1031ee 
##	<summary>
Dominick Grift 1031ee 
##	Domain allowed access.
Dominick Grift 1031ee 
##	</summary>
Dominick Grift 1031ee 
## </param>
Dominick Grift 1031ee 
#
Chris PeBenito 27eab8 
interface(`tftp_read_content',`
Dominick Grift 1031ee 
	gen_require(`
Chris PeBenito 27eab8 
		type tftpdir_t;
Dominick Grift 1031ee 
	')
Dominick Grift 1031ee
Chris PeBenito 27eab8 
	read_files_pattern($1, tftpdir_t, tftpdir_t)
Dominick Grift 1031ee 
')
Dominick Grift 1031ee
Dominick Grift 1031ee 
########################################
Dominick Grift 1031ee 
## <summary>
Dominick Grift 1031ee 
##	Manage tftp /var/lib files.
Dominick Grift 1031ee 
## </summary>
Dominick Grift 1031ee 
## <param name="domain">
Dominick Grift 1031ee 
##	<summary>
Dominick Grift 1031ee 
##	Domain allowed access.
Dominick Grift 1031ee 
##	</summary>
Dominick Grift 1031ee 
## </param>
Dominick Grift 1031ee 
#
Chris PeBenito 27eab8 
interface(`tftp_manage_rw_content',`
Dominick Grift 1031ee 
	gen_require(`
Dominick Grift 1031ee 
		type tftpdir_rw_t;
Dominick Grift 1031ee 
	')
Dominick Grift 1031ee
Dominick Grift 1031ee 
	files_search_var_lib($1)
Chris PeBenito 27eab8 
	manage_dirs_pattern($1, tftpdir_rw_t, tftpdir_rw_t)
Dominick Grift 1031ee 
	manage_files_pattern($1, tftpdir_rw_t, tftpdir_rw_t)
Dominick Grift 1031ee 
')
Dominick Grift 1031ee
Dominick Grift 1031ee 
########################################
Dominick Grift 1031ee 
## <summary>
Chris PeBenito 2650ca 
##	All of the rules required to administrate
Chris PeBenito 7a5e2d 
##	an tftp environment
Chris PeBenito 7a5e2d 
## </summary>
Chris PeBenito 7a5e2d 
## <param name="domain">
Chris PeBenito 7a5e2d 
##	<summary>
Chris PeBenito 7a5e2d 
##	Domain allowed access.
Chris PeBenito 7a5e2d 
##	</summary>
Chris PeBenito 7a5e2d 
## </param>
Chris PeBenito 7a5e2d 
## <rolecap/>
Chris PeBenito 7a5e2d 
#
Chris PeBenito 7a5e2d 
interface(`tftp_admin',`
Chris PeBenito 7a5e2d 
	gen_require(`
Chris PeBenito 0bfccd 
		type tftpd_t, tftpdir_t, tftpdir_rw_t, tftpd_var_run_t;
Chris PeBenito 7a5e2d 
	')
Chris PeBenito 7a5e2d
Chris PeBenito 8f3a0a 
	allow $1 tftpd_t:process { ptrace signal_perms getattr };
Chris PeBenito 8f3a0a 
	ps_process_pattern($1, tftpd_t)
Chris PeBenito 2a9837
Chris PeBenito e87221 
	admin_pattern($1, tftpdir_rw_t)
Chris PeBenito 7a5e2d
Chris PeBenito e87221 
	admin_pattern($1, tftpdir_t)
Chris PeBenito 7a5e2d
Chris PeBenito 7a5e2d 
	files_list_pids($1)
Chris PeBenito e87221 
	admin_pattern($1, tftpd_var_run_t)
Chris PeBenito 7a5e2d 
')

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation