rpms / selinux-policy

Clone
Source Code
GIT

Blame refpolicy/policy/modules/system/raid.if

c10s-sig-hyperscale c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   b77d019f1414e405c05429ca45e54369ee9d6dcf
  2.   refpolicy
  3.   policy
  4.   modules
  5.   system
  6.   raid.if
Blob History Raw
Chris PeBenito 50aca6 
## <summary>RAID array management tools</summary>
Chris PeBenito 50aca6
Chris PeBenito 50aca6 
########################################
Chris PeBenito 50aca6 
## <summary>
Chris PeBenito 50aca6 
##	Execute software raid tools in the mdadm domain.
Chris PeBenito 50aca6 
## </summary>
Chris PeBenito 50aca6 
## <param name="domain">
Chris PeBenito 50aca6 
##	The type of the process performing this action.
Chris PeBenito 50aca6 
## </param>
Chris PeBenito 50aca6 
#
Chris PeBenito 50aca6 
interface(`raid_domtrans_mdadm',`
Chris PeBenito 50aca6 
	gen_require(`
Chris PeBenito 50aca6 
		type mdadm_t, mdadm_exec_t;
Chris PeBenito 50aca6 
	')
Chris PeBenito 50aca6
Chris PeBenito 50aca6 
	corecmd_search_sbin($1)
Chris PeBenito 50aca6 
	domain_auto_trans($1,mdadm_exec_t,mdadm_t)
Chris PeBenito 50aca6
Chris PeBenito 50aca6 
	allow $1 mdadm_t:fd use;
Chris PeBenito 50aca6 
	allow mdadm_t $1:fd use;
Chris PeBenito 50aca6 
	allow mdadm_t $1:fifo_file rw_file_perms;
Chris PeBenito 50aca6 
	allow mdadm_t $1:process sigchld;
Chris PeBenito 50aca6 
')
Chris PeBenito a5f339
Chris PeBenito a5f339 
########################################
Chris PeBenito a5f339 
## <summary>
Chris PeBenito a5f339 
##	Create, read, write, and delete the mdadm pid files.
Chris PeBenito a5f339 
## </summary>
Chris PeBenito a5f339 
## <desc>
Chris PeBenito a5f339 
##
Chris PeBenito a5f339 
##	Create, read, write, and delete the mdadm pid files.
Chris PeBenito a5f339 
##
Chris PeBenito a5f339 
##
Chris PeBenito a5f339 
##	Added for use in the init module.
Chris PeBenito a5f339 
##
Chris PeBenito a5f339 
## </desc>
Chris PeBenito a5f339 
## <param name="domain">
Chris PeBenito a5f339 
##	The type of the process performing this action.
Chris PeBenito a5f339 
## </param>
Chris PeBenito a5f339 
#
Chris PeBenito a5f339 
interface(`raid_manage_mdadm_pid',`
Chris PeBenito a5f339 
	gen_require(`
Chris PeBenito a5f339 
		type mdadm_var_run_t;
Chris PeBenito a5f339 
	')
Chris PeBenito a5f339
Chris PeBenito a5f339 
	# FIXME: maybe should have a type_transition.  not
Chris PeBenito a5f339 
	# clear what this is doing, from the original
Chris PeBenito a5f339 
	# mdadm policy
Chris PeBenito a5f339 
	allow $1 mdadm_var_run_t:file create_file_perms;
Chris PeBenito a5f339 
')

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation