|
Chris PeBenito |
17de1b |
## <summary>Miscelaneous files.</summary>
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Dan Walsh |
3eaa99 |
## Make the specified type usable as a cert file.
|
|
Dan Walsh |
3eaa99 |
## </summary>
|
|
Dan Walsh |
3eaa99 |
## <desc>
|
|
Dan Walsh |
3eaa99 |
##
|
|
Dan Walsh |
3eaa99 |
## Make the specified type usable for cert files.
|
|
Dan Walsh |
3eaa99 |
## This will also make the type usable for files, making
|
|
Dan Walsh |
3eaa99 |
## calls to files_type() redundant. Failure to use this interface
|
|
Dan Walsh |
3eaa99 |
## for a temporary file may result in problems with
|
|
Dan Walsh |
3eaa99 |
## cert management tools.
|
|
Dan Walsh |
3eaa99 |
##
|
|
Dan Walsh |
3eaa99 |
##
|
|
Dan Walsh |
3eaa99 |
## Related interfaces:
|
|
Dan Walsh |
3eaa99 |
##
|
|
Dan Walsh |
3eaa99 |
##
|
|
Dan Walsh |
3eaa99 |
## files_type()
|
|
Dan Walsh |
3eaa99 |
##
|
|
Dan Walsh |
3eaa99 |
##
|
|
Dan Walsh |
3eaa99 |
## Example:
|
|
Dan Walsh |
3eaa99 |
##
|
|
Dan Walsh |
3eaa99 |
##
|
|
Dan Walsh |
3eaa99 |
## type mycertfile_t;
|
|
Dan Walsh |
3eaa99 |
## cert_type(mycertfile_t)
|
|
Dan Walsh |
3eaa99 |
## allow mydomain_t mycertfile_t:file read_file_perms;
|
|
Dan Walsh |
3eaa99 |
## files_search_etc(mydomain_t)
|
|
Dan Walsh |
3eaa99 |
##
|
|
Dan Walsh |
3eaa99 |
## </desc>
|
|
Dan Walsh |
3eaa99 |
## <param name="type">
|
|
Dan Walsh |
3eaa99 |
## <summary>
|
|
Dan Walsh |
3eaa99 |
## Type to be used for files.
|
|
Dan Walsh |
3eaa99 |
## </summary>
|
|
Dan Walsh |
3eaa99 |
## </param>
|
|
Dan Walsh |
3eaa99 |
## <infoflow type="none"/>
|
|
Dan Walsh |
3eaa99 |
#
|
|
Dan Walsh |
3eaa99 |
interface(`miscfiles_cert_type',`
|
|
Dan Walsh |
3eaa99 |
gen_require(`
|
|
Dan Walsh |
3eaa99 |
attribute cert_type;
|
|
Dan Walsh |
3eaa99 |
')
|
|
Dan Walsh |
3eaa99 |
|
|
Dan Walsh |
3eaa99 |
typeattribute $1 cert_type;
|
|
Dan Walsh |
3eaa99 |
files_type($1)
|
|
Dan Walsh |
3eaa99 |
')
|
|
Dan Walsh |
3eaa99 |
|
|
Dan Walsh |
3eaa99 |
########################################
|
|
Dan Walsh |
3eaa99 |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Read system SSL certificates.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
bbcd3c |
## <rolecap/>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_read_certs',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Dan Walsh |
3eaa99 |
attribute cert_type;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Dan Walsh |
3eaa99 |
allow $1 cert_type:dir list_dir_perms;
|
|
Dan Walsh |
3eaa99 |
read_files_pattern($1, cert_type, cert_type)
|
|
Dan Walsh |
3eaa99 |
read_lnk_files_pattern($1, cert_type, cert_type)
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
244b45 |
## manange system SSL certificates.
|
|
Chris PeBenito |
244b45 |
## </summary>
|
|
Chris PeBenito |
244b45 |
## <param name="domain">
|
|
Chris PeBenito |
244b45 |
## <summary>
|
|
Chris PeBenito |
244b45 |
## Domain allowed access.
|
|
Chris PeBenito |
244b45 |
## </summary>
|
|
Chris PeBenito |
244b45 |
## </param>
|
|
Chris PeBenito |
244b45 |
## <rolecap/>
|
|
Chris PeBenito |
244b45 |
#
|
|
Chris PeBenito |
244b45 |
interface(`miscfiles_manage_cert_dirs',`
|
|
Chris PeBenito |
244b45 |
gen_require(`
|
|
Chris PeBenito |
244b45 |
type cert_t;
|
|
Chris PeBenito |
244b45 |
')
|
|
Chris PeBenito |
244b45 |
|
|
Chris PeBenito |
244b45 |
manage_dirs_pattern($1, cert_t, cert_t)
|
|
Chris PeBenito |
244b45 |
')
|
|
Chris PeBenito |
244b45 |
|
|
Chris PeBenito |
244b45 |
########################################
|
|
Chris PeBenito |
244b45 |
## <summary>
|
|
Chris PeBenito |
244b45 |
## manange system SSL certificates.
|
|
Chris PeBenito |
244b45 |
## </summary>
|
|
Chris PeBenito |
244b45 |
## <param name="domain">
|
|
Chris PeBenito |
244b45 |
## <summary>
|
|
Chris PeBenito |
244b45 |
## Domain allowed access.
|
|
Chris PeBenito |
244b45 |
## </summary>
|
|
Chris PeBenito |
244b45 |
## </param>
|
|
Chris PeBenito |
244b45 |
## <rolecap/>
|
|
Chris PeBenito |
244b45 |
#
|
|
Chris PeBenito |
244b45 |
interface(`miscfiles_manage_cert_files',`
|
|
Chris PeBenito |
244b45 |
gen_require(`
|
|
Chris PeBenito |
244b45 |
type cert_t;
|
|
Chris PeBenito |
244b45 |
')
|
|
Chris PeBenito |
244b45 |
|
|
Chris PeBenito |
244b45 |
manage_files_pattern($1, cert_t, cert_t)
|
|
Chris PeBenito |
244b45 |
read_lnk_files_pattern($1, cert_t, cert_t)
|
|
Chris PeBenito |
244b45 |
')
|
|
Chris PeBenito |
244b45 |
|
|
Chris PeBenito |
244b45 |
########################################
|
|
Chris PeBenito |
244b45 |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Read fonts.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
bbcd3c |
## <rolecap/>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_read_fonts',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
d0a6df |
type fonts_t, fonts_cache_t;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
# cjp: fonts can be in either of these dirs
|
|
Chris PeBenito |
17de1b |
files_search_usr($1)
|
|
Chris PeBenito |
17de1b |
libs_search_lib($1)
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
c0868a |
allow $1 fonts_t:dir list_dir_perms;
|
|
Chris PeBenito |
3f67f7 |
read_files_pattern($1, fonts_t, fonts_t)
|
|
Chris PeBenito |
3f67f7 |
read_lnk_files_pattern($1, fonts_t, fonts_t)
|
|
Chris PeBenito |
d0a6df |
|
|
Chris PeBenito |
d0a6df |
allow $1 fonts_cache_t:dir list_dir_perms;
|
|
Chris PeBenito |
d0a6df |
read_files_pattern($1, fonts_cache_t, fonts_cache_t)
|
|
Chris PeBenito |
d0a6df |
read_lnk_files_pattern($1, fonts_cache_t, fonts_cache_t)
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
9dfdd4 |
## Set the attributes on a fonts directory.
|
|
Chris PeBenito |
9dfdd4 |
## </summary>
|
|
Chris PeBenito |
9dfdd4 |
## <param name="domain">
|
|
Chris PeBenito |
9dfdd4 |
## <summary>
|
|
Chris PeBenito |
9dfdd4 |
## Domain allowed access.
|
|
Chris PeBenito |
9dfdd4 |
## </summary>
|
|
Chris PeBenito |
9dfdd4 |
## </param>
|
|
Chris PeBenito |
9dfdd4 |
## <rolecap/>
|
|
Chris PeBenito |
9dfdd4 |
#
|
|
Chris PeBenito |
9dfdd4 |
interface(`miscfiles_setattr_fonts_dirs',`
|
|
Chris PeBenito |
9dfdd4 |
gen_require(`
|
|
Chris PeBenito |
9dfdd4 |
type fonts_t;
|
|
Chris PeBenito |
9dfdd4 |
')
|
|
Chris PeBenito |
9dfdd4 |
|
|
Chris PeBenito |
9dfdd4 |
allow $1 fonts_t:dir setattr;
|
|
Chris PeBenito |
9dfdd4 |
')
|
|
Chris PeBenito |
9dfdd4 |
|
|
Chris PeBenito |
9dfdd4 |
########################################
|
|
Chris PeBenito |
9dfdd4 |
## <summary>
|
|
Chris PeBenito |
9dfdd4 |
## Do not audit attempts to set the attributes
|
|
Chris PeBenito |
9dfdd4 |
## on a fonts directory.
|
|
Chris PeBenito |
9dfdd4 |
## </summary>
|
|
Chris PeBenito |
9dfdd4 |
## <param name="domain">
|
|
Chris PeBenito |
9dfdd4 |
## <summary>
|
|
Dominick Grift |
a0546c |
## Domain to not audit.
|
|
Chris PeBenito |
9dfdd4 |
## </summary>
|
|
Chris PeBenito |
9dfdd4 |
## </param>
|
|
Chris PeBenito |
9dfdd4 |
## <rolecap/>
|
|
Chris PeBenito |
9dfdd4 |
#
|
|
Chris PeBenito |
9dfdd4 |
interface(`miscfiles_dontaudit_setattr_fonts_dirs',`
|
|
Chris PeBenito |
9dfdd4 |
gen_require(`
|
|
Chris PeBenito |
9dfdd4 |
type fonts_t;
|
|
Chris PeBenito |
9dfdd4 |
')
|
|
Chris PeBenito |
9dfdd4 |
|
|
Chris PeBenito |
9dfdd4 |
dontaudit $1 fonts_t:dir setattr;
|
|
Chris PeBenito |
9dfdd4 |
')
|
|
Chris PeBenito |
9dfdd4 |
|
|
Chris PeBenito |
9dfdd4 |
########################################
|
|
Chris PeBenito |
9dfdd4 |
## <summary>
|
|
Chris PeBenito |
226c06 |
## Do not audit attempts to write fonts.
|
|
Chris PeBenito |
226c06 |
## </summary>
|
|
Chris PeBenito |
226c06 |
## <param name="domain">
|
|
Chris PeBenito |
226c06 |
## <summary>
|
|
Dominick Grift |
a0546c |
## Domain to not audit.
|
|
Chris PeBenito |
226c06 |
## </summary>
|
|
Chris PeBenito |
226c06 |
## </param>
|
|
Chris PeBenito |
226c06 |
## <rolecap/>
|
|
Chris PeBenito |
226c06 |
#
|
|
Chris PeBenito |
226c06 |
interface(`miscfiles_dontaudit_write_fonts',`
|
|
Chris PeBenito |
226c06 |
gen_require(`
|
|
Chris PeBenito |
226c06 |
type fonts_t;
|
|
Chris PeBenito |
226c06 |
')
|
|
Chris PeBenito |
226c06 |
|
|
Chris PeBenito |
244b45 |
dontaudit $1 fonts_t:dir { write setattr };
|
|
Chris PeBenito |
226c06 |
dontaudit $1 fonts_t:file write;
|
|
Chris PeBenito |
226c06 |
')
|
|
Chris PeBenito |
226c06 |
|
|
Chris PeBenito |
226c06 |
########################################
|
|
Chris PeBenito |
226c06 |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Create, read, write, and delete fonts.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
bbcd3c |
## <rolecap/>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_manage_fonts',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
type fonts_t;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
# cjp: fonts can be in either of these dirs
|
|
Chris PeBenito |
17de1b |
files_search_usr($1)
|
|
Chris PeBenito |
17de1b |
libs_search_lib($1)
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
3f67f7 |
manage_dirs_pattern($1, fonts_t, fonts_t)
|
|
Chris PeBenito |
3f67f7 |
manage_files_pattern($1, fonts_t, fonts_t)
|
|
Chris PeBenito |
3f67f7 |
manage_lnk_files_pattern($1, fonts_t, fonts_t)
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
d0a6df |
## Set the attributes on a fonts cache directory.
|
|
Chris PeBenito |
d0a6df |
## </summary>
|
|
Chris PeBenito |
d0a6df |
## <param name="domain">
|
|
Chris PeBenito |
d0a6df |
## <summary>
|
|
Chris PeBenito |
d0a6df |
## Domain allowed access.
|
|
Chris PeBenito |
d0a6df |
## </summary>
|
|
Chris PeBenito |
d0a6df |
## </param>
|
|
Chris PeBenito |
d0a6df |
#
|
|
Chris PeBenito |
d0a6df |
interface(`miscfiles_setattr_fonts_cache_dirs',`
|
|
Chris PeBenito |
d0a6df |
gen_require(`
|
|
Chris PeBenito |
d0a6df |
type fonts_cache_t;
|
|
Chris PeBenito |
d0a6df |
')
|
|
Chris PeBenito |
d0a6df |
|
|
Chris PeBenito |
d0a6df |
allow $1 fonts_cache_t:dir setattr;
|
|
Chris PeBenito |
d0a6df |
')
|
|
Chris PeBenito |
d0a6df |
|
|
Chris PeBenito |
d0a6df |
########################################
|
|
Chris PeBenito |
d0a6df |
## <summary>
|
|
Chris PeBenito |
d0a6df |
## Do not audit attempts to set the attributes
|
|
Chris PeBenito |
d0a6df |
## on a fonts cache directory.
|
|
Chris PeBenito |
d0a6df |
## </summary>
|
|
Chris PeBenito |
d0a6df |
## <param name="domain">
|
|
Chris PeBenito |
d0a6df |
## <summary>
|
|
Dominick Grift |
a0546c |
## Domain to not audit.
|
|
Chris PeBenito |
d0a6df |
## </summary>
|
|
Chris PeBenito |
d0a6df |
## </param>
|
|
Chris PeBenito |
d0a6df |
#
|
|
Chris PeBenito |
d0a6df |
interface(`miscfiles_dontaudit_setattr_fonts_cache_dirs',`
|
|
Chris PeBenito |
d0a6df |
gen_require(`
|
|
Chris PeBenito |
d0a6df |
type fonts_cache_t;
|
|
Chris PeBenito |
d0a6df |
')
|
|
Chris PeBenito |
d0a6df |
|
|
Chris PeBenito |
d0a6df |
dontaudit $1 fonts_cache_t:dir setattr;
|
|
Chris PeBenito |
d0a6df |
')
|
|
Chris PeBenito |
d0a6df |
|
|
Chris PeBenito |
d0a6df |
########################################
|
|
Chris PeBenito |
d0a6df |
## <summary>
|
|
Chris PeBenito |
d0a6df |
## Create, read, write, and delete fonts cache.
|
|
Chris PeBenito |
d0a6df |
## </summary>
|
|
Chris PeBenito |
d0a6df |
## <param name="domain">
|
|
Chris PeBenito |
d0a6df |
## <summary>
|
|
Chris PeBenito |
d0a6df |
## Domain allowed access.
|
|
Chris PeBenito |
d0a6df |
## </summary>
|
|
Chris PeBenito |
d0a6df |
## </param>
|
|
Chris PeBenito |
d0a6df |
## <rolecap/>
|
|
Chris PeBenito |
d0a6df |
#
|
|
Chris PeBenito |
d0a6df |
interface(`miscfiles_manage_fonts_cache',`
|
|
Chris PeBenito |
d0a6df |
gen_require(`
|
|
Chris PeBenito |
d0a6df |
type fonts_cache_t;
|
|
Chris PeBenito |
d0a6df |
')
|
|
Chris PeBenito |
d0a6df |
|
|
Chris PeBenito |
d0a6df |
files_search_var($1)
|
|
Chris PeBenito |
d0a6df |
|
|
Chris PeBenito |
d0a6df |
manage_dirs_pattern($1, fonts_cache_t, fonts_cache_t)
|
|
Chris PeBenito |
d0a6df |
manage_files_pattern($1, fonts_cache_t, fonts_cache_t)
|
|
Chris PeBenito |
d0a6df |
manage_lnk_files_pattern($1, fonts_cache_t, fonts_cache_t)
|
|
Chris PeBenito |
d0a6df |
')
|
|
Chris PeBenito |
d0a6df |
|
|
Chris PeBenito |
d0a6df |
########################################
|
|
Chris PeBenito |
d0a6df |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Read hardware identification data.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_read_hwdata',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
type hwdata_t;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
c0868a |
allow $1 hwdata_t:dir list_dir_perms;
|
|
Chris PeBenito |
3f67f7 |
read_files_pattern($1, hwdata_t, hwdata_t)
|
|
Chris PeBenito |
3f67f7 |
read_lnk_files_pattern($1, hwdata_t, hwdata_t)
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
6b19be |
## Allow process to setattr localization info
|
|
Chris PeBenito |
6b19be |
## </summary>
|
|
Chris PeBenito |
6b19be |
## <param name="domain">
|
|
Chris PeBenito |
6b19be |
## <summary>
|
|
Chris PeBenito |
6b19be |
## Domain allowed access.
|
|
Chris PeBenito |
6b19be |
## </summary>
|
|
Chris PeBenito |
6b19be |
## </param>
|
|
Chris PeBenito |
6b19be |
#
|
|
Chris PeBenito |
6b19be |
interface(`miscfiles_setattr_localization',`
|
|
Chris PeBenito |
6b19be |
gen_require(`
|
|
Chris PeBenito |
6b19be |
type locale_t;
|
|
Chris PeBenito |
6b19be |
')
|
|
Chris PeBenito |
6b19be |
|
|
Chris PeBenito |
6b19be |
files_search_usr($1)
|
|
Chris PeBenito |
6b19be |
allow $1 locale_t:dir list_dir_perms;
|
|
Chris PeBenito |
6b19be |
allow $1 locale_t:file setattr;
|
|
Chris PeBenito |
6b19be |
')
|
|
Chris PeBenito |
6b19be |
|
|
Chris PeBenito |
6b19be |
########################################
|
|
Chris PeBenito |
6b19be |
## <summary>
|
|
Chris PeBenito |
611bc9 |
## Allow process to read localization information.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
611bc9 |
## <desc>
|
|
Chris PeBenito |
611bc9 |
##
|
|
Chris PeBenito |
611bc9 |
## Allow the specified domain to read the localization files.
|
|
Chris PeBenito |
611bc9 |
## This is typically for time zone configuration files, such as
|
|
Chris PeBenito |
611bc9 |
## /etc/localtime and files in /usr/share/zoneinfo.
|
|
Chris PeBenito |
611bc9 |
## Typically, any domain which needs to know the GMT/UTC
|
|
Chris PeBenito |
611bc9 |
## offset of the current timezone will need access
|
|
Chris PeBenito |
611bc9 |
## to these files. Generally, it should be safe for any
|
|
Chris PeBenito |
611bc9 |
## domain to read these files.
|
|
Chris PeBenito |
611bc9 |
##
|
|
Chris PeBenito |
611bc9 |
## </desc>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
611bc9 |
## <infoflow type="read" weight="10"/>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_read_localization',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
type locale_t;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
2cac32 |
files_read_etc_symlinks($1)
|
|
Chris PeBenito |
17de1b |
files_search_usr($1)
|
|
Chris PeBenito |
c0868a |
allow $1 locale_t:dir list_dir_perms;
|
|
Chris PeBenito |
3f67f7 |
read_files_pattern($1, locale_t, locale_t)
|
|
Chris PeBenito |
3f67f7 |
read_lnk_files_pattern($1, locale_t, locale_t)
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
a5e213 |
## Allow process to write localization info
|
|
Chris PeBenito |
a5e213 |
## </summary>
|
|
Chris PeBenito |
a5e213 |
## <param name="domain">
|
|
Chris PeBenito |
a5e213 |
## <summary>
|
|
Chris PeBenito |
a5e213 |
## Domain allowed access.
|
|
Chris PeBenito |
a5e213 |
## </summary>
|
|
Chris PeBenito |
a5e213 |
## </param>
|
|
Chris PeBenito |
a5e213 |
#
|
|
Chris PeBenito |
a5e213 |
interface(`miscfiles_rw_localization',`
|
|
Chris PeBenito |
a5e213 |
gen_require(`
|
|
Chris PeBenito |
a5e213 |
type locale_t;
|
|
Chris PeBenito |
a5e213 |
')
|
|
Chris PeBenito |
a5e213 |
|
|
Chris PeBenito |
a5e213 |
files_search_usr($1)
|
|
Chris PeBenito |
a5e213 |
allow $1 locale_t:dir list_dir_perms;
|
|
Chris PeBenito |
3f67f7 |
rw_files_pattern($1, locale_t, locale_t)
|
|
Chris PeBenito |
a5e213 |
')
|
|
Chris PeBenito |
a5e213 |
|
|
Chris PeBenito |
a5e213 |
########################################
|
|
Chris PeBenito |
a5e213 |
## <summary>
|
|
Chris PeBenito |
6b19be |
## Allow process to relabel localization info
|
|
Chris PeBenito |
6b19be |
## </summary>
|
|
Chris PeBenito |
6b19be |
## <param name="domain">
|
|
Chris PeBenito |
6b19be |
## <summary>
|
|
Chris PeBenito |
6b19be |
## Domain allowed access.
|
|
Chris PeBenito |
6b19be |
## </summary>
|
|
Chris PeBenito |
6b19be |
## </param>
|
|
Chris PeBenito |
6b19be |
#
|
|
Chris PeBenito |
6b19be |
interface(`miscfiles_relabel_localization',`
|
|
Chris PeBenito |
6b19be |
gen_require(`
|
|
Chris PeBenito |
6b19be |
type locale_t;
|
|
Chris PeBenito |
6b19be |
')
|
|
Chris PeBenito |
6b19be |
|
|
Chris PeBenito |
6b19be |
files_search_usr($1)
|
|
Chris PeBenito |
3f67f7 |
relabel_files_pattern($1, locale_t, locale_t)
|
|
Chris PeBenito |
6b19be |
')
|
|
Chris PeBenito |
6b19be |
|
|
Chris PeBenito |
6b19be |
########################################
|
|
Chris PeBenito |
6b19be |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Allow process to read legacy time localization info
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_legacy_read_localization',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
type locale_t;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
miscfiles_read_localization($1)
|
|
Chris PeBenito |
17de1b |
allow $1 locale_t:file execute;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
9dfdd4 |
## Search man pages.
|
|
Chris PeBenito |
9dfdd4 |
## </summary>
|
|
Chris PeBenito |
9dfdd4 |
## <param name="domain">
|
|
Chris PeBenito |
9dfdd4 |
## <summary>
|
|
Dominick Grift |
a0546c |
## Domain allowed access.
|
|
Chris PeBenito |
9dfdd4 |
## </summary>
|
|
Chris PeBenito |
9dfdd4 |
## </param>
|
|
Chris PeBenito |
9dfdd4 |
#
|
|
Chris PeBenito |
9dfdd4 |
interface(`miscfiles_search_man_pages',`
|
|
Chris PeBenito |
9dfdd4 |
gen_require(`
|
|
Chris PeBenito |
9dfdd4 |
type man_t;
|
|
Chris PeBenito |
9dfdd4 |
')
|
|
Chris PeBenito |
9dfdd4 |
|
|
Chris PeBenito |
9dfdd4 |
allow $1 man_t:dir search_dir_perms;
|
|
Chris PeBenito |
9dfdd4 |
files_search_usr($1)
|
|
Chris PeBenito |
9dfdd4 |
')
|
|
Chris PeBenito |
9dfdd4 |
|
|
Chris PeBenito |
9dfdd4 |
########################################
|
|
Chris PeBenito |
9dfdd4 |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Do not audit attempts to search man pages.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain to not audit.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_dontaudit_search_man_pages',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
type man_t;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
9dfdd4 |
dontaudit $1 man_t:dir search_dir_perms;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Read man pages
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
bbcd3c |
## <rolecap/>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_read_man_pages',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
type man_t;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
files_search_usr($1)
|
|
Chris PeBenito |
c0868a |
allow $1 man_t:dir list_dir_perms;
|
|
Chris PeBenito |
3f67f7 |
read_files_pattern($1, man_t, man_t)
|
|
Chris PeBenito |
3f67f7 |
read_lnk_files_pattern($1, man_t, man_t)
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Delete man pages
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
# cjp: added for tmpreaper
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_delete_man_pages',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
type man_t;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
files_search_usr($1)
|
|
Chris PeBenito |
c0868a |
|
|
Chris PeBenito |
c0868a |
allow $1 man_t:dir setattr;
|
|
Chris PeBenito |
226c06 |
# RH bug #309351
|
|
Chris PeBenito |
226c06 |
allow $1 man_t:dir list_dir_perms;
|
|
Chris PeBenito |
3f67f7 |
delete_dirs_pattern($1, man_t, man_t)
|
|
Chris PeBenito |
3f67f7 |
delete_files_pattern($1, man_t, man_t)
|
|
Chris PeBenito |
3f67f7 |
delete_lnk_files_pattern($1, man_t, man_t)
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Create, read, write, and delete man pages
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_manage_man_pages',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
type man_t;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
files_search_usr($1)
|
|
Chris PeBenito |
3f67f7 |
manage_dirs_pattern($1, man_t, man_t)
|
|
Chris PeBenito |
3f67f7 |
manage_files_pattern($1, man_t, man_t)
|
|
Chris PeBenito |
3f67f7 |
read_lnk_files_pattern($1, man_t, man_t)
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Read public files used for file
|
|
Chris PeBenito |
17de1b |
## transfer services.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
bbcd3c |
## <rolecap/>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_read_public_files',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
type public_content_t, public_content_rw_t;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
c0868a |
allow $1 { public_content_t public_content_rw_t }:dir list_dir_perms;
|
|
Chris PeBenito |
dccbb8 |
read_files_pattern($1, { public_content_t public_content_rw_t }, { public_content_t public_content_rw_t })
|
|
Chris PeBenito |
dccbb8 |
read_lnk_files_pattern($1, { public_content_t public_content_rw_t }, { public_content_t public_content_rw_t })
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Create, read, write, and delete public files
|
|
Chris PeBenito |
17de1b |
## and directories used for file transfer services.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
bbcd3c |
## <rolecap/>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_manage_public_files',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
type public_content_rw_t;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
3f67f7 |
manage_dirs_pattern($1, public_content_rw_t, public_content_rw_t)
|
|
Chris PeBenito |
3f67f7 |
manage_files_pattern($1, public_content_rw_t, public_content_rw_t)
|
|
Chris PeBenito |
3f67f7 |
manage_lnk_files_pattern($1, public_content_rw_t, public_content_rw_t)
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Read TeX data
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_read_tetex_data',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
type tetex_data_t;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
files_search_var($1)
|
|
Chris PeBenito |
17de1b |
files_search_var_lib($1)
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
# cjp: TeX data can be in either of the above dirs
|
|
Chris PeBenito |
c0868a |
allow $1 tetex_data_t:dir list_dir_perms;
|
|
Chris PeBenito |
3f67f7 |
read_files_pattern($1, tetex_data_t, tetex_data_t)
|
|
Chris PeBenito |
3f67f7 |
read_lnk_files_pattern($1, tetex_data_t, tetex_data_t)
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Execute TeX data programs in the caller domain.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_exec_tetex_data',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
type fonts_t;
|
|
Chris PeBenito |
8f3a0a |
type tetex_data_t;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
files_search_var($1)
|
|
Chris PeBenito |
17de1b |
files_search_var_lib($1)
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
# cjp: TeX data can be in either of the above dirs
|
|
Chris PeBenito |
c0868a |
allow $1 tetex_data_t:dir list_dir_perms;
|
|
Chris PeBenito |
3f67f7 |
exec_files_pattern($1, tetex_data_t, tetex_data_t)
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Let test files be an entry point for
|
|
Chris PeBenito |
17de1b |
## a specified domain.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Dominick Grift |
a0546c |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_domain_entry_test_files',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
type test_file_t;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
domain_entry_file($1, test_file_t)
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Read test files and directories.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_read_test_files',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
type test_file_t;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
3f67f7 |
read_files_pattern($1, test_file_t, test_file_t)
|
|
Chris PeBenito |
3f67f7 |
read_lnk_files_pattern($1, test_file_t, test_file_t)
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Execute test files.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`miscfiles_exec_test_files',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
type test_file_t;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
3f67f7 |
exec_files_pattern($1, test_file_t, test_file_t)
|
|
Chris PeBenito |
3f67f7 |
read_lnk_files_pattern($1, test_file_t, test_file_t)
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
6b19be |
|
|
Chris PeBenito |
6b19be |
########################################
|
|
Chris PeBenito |
6b19be |
## <summary>
|
|
Chris PeBenito |
6b19be |
## Execute test files.
|
|
Chris PeBenito |
6b19be |
## </summary>
|
|
Chris PeBenito |
6b19be |
## <param name="domain">
|
|
Chris PeBenito |
6b19be |
## <summary>
|
|
Chris PeBenito |
6b19be |
## Domain allowed access.
|
|
Chris PeBenito |
6b19be |
## </summary>
|
|
Chris PeBenito |
6b19be |
## </param>
|
|
Chris PeBenito |
6b19be |
#
|
|
Chris PeBenito |
6b19be |
interface(`miscfiles_etc_filetrans_localization',`
|
|
Chris PeBenito |
6b19be |
gen_require(`
|
|
Chris PeBenito |
6b19be |
type locale_t;
|
|
Chris PeBenito |
6b19be |
')
|
|
Chris PeBenito |
6b19be |
|
|
Chris PeBenito |
6b19be |
files_etc_filetrans($1, locale_t, file)
|
|
Chris PeBenito |
6b19be |
|
|
Chris PeBenito |
6b19be |
')
|
|
Chris PeBenito |
6b19be |
|
|
Chris PeBenito |
6b19be |
########################################
|
|
Chris PeBenito |
6b19be |
## <summary>
|
|
Chris PeBenito |
6b19be |
## Create, read, write, and delete localization
|
|
Chris PeBenito |
6b19be |
## </summary>
|
|
Chris PeBenito |
6b19be |
## <param name="domain">
|
|
Chris PeBenito |
6b19be |
## <summary>
|
|
Chris PeBenito |
6b19be |
## Domain allowed access.
|
|
Chris PeBenito |
6b19be |
## </summary>
|
|
Chris PeBenito |
6b19be |
## </param>
|
|
Chris PeBenito |
6b19be |
## <rolecap/>
|
|
Chris PeBenito |
6b19be |
#
|
|
Chris PeBenito |
6b19be |
interface(`miscfiles_manage_localization',`
|
|
Chris PeBenito |
6b19be |
gen_require(`
|
|
Chris PeBenito |
6b19be |
type locale_t;
|
|
Chris PeBenito |
6b19be |
')
|
|
Chris PeBenito |
6b19be |
|
|
Chris PeBenito |
3f67f7 |
manage_dirs_pattern($1, locale_t, locale_t)
|
|
Chris PeBenito |
3f67f7 |
manage_files_pattern($1, locale_t, locale_t)
|
|
Chris PeBenito |
3f67f7 |
manage_lnk_files_pattern($1, locale_t, locale_t)
|
|
Chris PeBenito |
6b19be |
')
|
|
Chris PeBenito |
6b19be |
|