rpms / selinux-policy

Clone
Source Code
GIT

Blame refpolicy/policy/modules/kernel/storage.te

c10s-sig-hyperscale c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   70de70dc882c0d2255133974e53300c51c830617
  2.   refpolicy
  3.   policy
  4.   modules
  5.   kernel
  6.   storage.te
Blob History Raw
Chris PeBenito e181fe
Chris PeBenito 5ea24b 
policy_module(storage,1.0.0)
Chris PeBenito 960373
Chris PeBenito fd89e1 
########################################
Chris PeBenito fd89e1 
#
Chris PeBenito fd89e1 
# Declarations
Chris PeBenito fd89e1 
#
Chris PeBenito fd89e1
Chris PeBenito 8e0280 
attribute fixed_disk_raw_read;
Chris PeBenito 8e0280 
attribute fixed_disk_raw_write;
Chris PeBenito 8e0280 
attribute scsi_generic_read;
Chris PeBenito 8e0280 
attribute scsi_generic_write;
Chris PeBenito 8e0280
Chris PeBenito b4cd15 
#
Chris PeBenito b4cd15 
# fixed_disk_device_t is the type of
Chris PeBenito b4cd15 
# /dev/hd* and /dev/sd*.
Chris PeBenito b4cd15 
#
Chris PeBenito 017bab 
type fixed_disk_device_t alias lvm_vg_t;
Karl MacMillan f0c985 
dev_node(fixed_disk_device_t)
Chris PeBenito b4cd15
Chris PeBenito b4cd15 
neverallow ~fixed_disk_raw_read fixed_disk_device_t:{ chr_file blk_file } read;
Chris PeBenito b4cd15 
neverallow ~fixed_disk_raw_write fixed_disk_device_t:{ chr_file blk_file } { append write };
Chris PeBenito b4cd15
Chris PeBenito 8e0280 
#
Chris PeBenito b4cd15 
# scsi_generic_device_t is the type of /dev/sg*
Chris PeBenito b4cd15 
# it gives access to ALL SCSI devices (both fixed and removable)
Chris PeBenito b4cd15 
#
Chris PeBenito b4cd15 
type scsi_generic_device_t;
Karl MacMillan f0c985 
dev_node(scsi_generic_device_t)
Chris PeBenito b4cd15
Chris PeBenito b4cd15 
neverallow ~scsi_generic_read scsi_generic_device_t:{ chr_file blk_file } read;
Chris PeBenito b4cd15 
neverallow ~scsi_generic_write scsi_generic_device_t:{ chr_file blk_file } { append write };
Chris PeBenito b4cd15
Chris PeBenito b4cd15 
#
Chris PeBenito b4cd15 
# removable_device_t is the type of
Chris PeBenito b4cd15 
# /dev/scd* and /dev/fd*.
Chris PeBenito b4cd15 
#
Chris PeBenito b4cd15 
type removable_device_t;
Karl MacMillan f0c985 
dev_node(removable_device_t)
Chris PeBenito b4cd15
Chris PeBenito b4cd15 
#
Chris PeBenito b4cd15 
# tape_device_t is the type of
Chris PeBenito b4cd15 
#
Chris PeBenito b4cd15 
type tape_device_t;
Karl MacMillan f0c985 
dev_node(tape_device_t)

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation