rpms / selinux-policy

Clone
Source Code
GIT

Blame refpolicy/policy/modules/kernel/mcs.te

c10s-sig-hyperscale c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   fcfe684b16feb6a5d2dacd1b706e20f834953fdd
  2.   refpolicy
  3.   policy
  4.   modules
  5.   kernel
  6.   mcs.te
Blob History Raw
Chris PeBenito fcfe68
Chris PeBenito fcfe68 
policy_module(mcs,1.0.0)
Chris PeBenito fcfe68
Chris PeBenito fcfe68 
########################################
Chris PeBenito fcfe68 
#
Chris PeBenito fcfe68 
# Declarations
Chris PeBenito fcfe68 
#
Chris PeBenito fcfe68
Chris PeBenito fcfe68 
attribute mcskillall;
Chris PeBenito fcfe68
Chris PeBenito fcfe68 
########################################
Chris PeBenito fcfe68 
#
Chris PeBenito fcfe68 
# THIS IS A HACK
Chris PeBenito fcfe68 
#
Chris PeBenito fcfe68 
# Only the base module can have range_transitions, so we
Chris PeBenito fcfe68 
# temporarily have to break encapsulation to work around this.
Chris PeBenito fcfe68 
#
Chris PeBenito fcfe68
Chris PeBenito fcfe68 
type auditd_exec_t;
Chris PeBenito fcfe68 
type crond_exec_t;
Chris PeBenito fcfe68 
type cupsd_exec_t;
Chris PeBenito fcfe68 
type getty_t;
Chris PeBenito fcfe68 
type init_t;
Chris PeBenito fcfe68 
type init_exec_t;
Chris PeBenito fcfe68 
type initrc_t;
Chris PeBenito fcfe68 
type initrc_exec_t;
Chris PeBenito fcfe68 
type login_exec_t;
Chris PeBenito fcfe68 
type sshd_exec_t;
Chris PeBenito fcfe68 
type su_exec_t;
Chris PeBenito fcfe68 
type udev_exec_t;
Chris PeBenito fcfe68 
type unconfined_t;
Chris PeBenito fcfe68 
type xdm_exec_t;
Chris PeBenito fcfe68
Chris PeBenito fcfe68 
ifdef(`enable_mcs',`
Chris PeBenito fcfe68 
range_transition getty_t login_exec_t s0 - s0:c0.c255;
Chris PeBenito fcfe68 
range_transition init_t xdm_exec_t s0 - s0:c0.c255;
Chris PeBenito fcfe68 
range_transition initrc_t crond_exec_t s0 - s0:c0.c255;
Chris PeBenito fcfe68 
range_transition initrc_t cupsd_exec_t s0 - s0:c0.c255;
Chris PeBenito fcfe68 
range_transition initrc_t sshd_exec_t s0 - s0:c0.c255;
Chris PeBenito fcfe68 
range_transition initrc_t udev_exec_t s0 - s0:c0.c255;
Chris PeBenito fcfe68 
range_transition initrc_t xdm_exec_t s0 - s0:c0.c255;
Chris PeBenito fcfe68 
range_transition kernel_t udev_exec_t s0 - s0:c0.c255;
Chris PeBenito fcfe68
Chris PeBenito fcfe68 
# these might be targeted_policy only
Chris PeBenito fcfe68 
range_transition unconfined_t su_exec_t s0 - s0:c0.c255;
Chris PeBenito fcfe68 
range_transition unconfined_t initrc_exec_t s0;
Chris PeBenito fcfe68 
')

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation