rpms / selinux-policy

Clone
Source Code
GIT

Blame refpolicy/policy/modules/system/udev.if

c10s-sig-hyperscale c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   cabfa520aa7d7595cb4a96717d7760878af3e592
  2.   refpolicy
  3.   policy
  4.   modules
  5.   system
  6.   udev.if
Blob History Raw
Chris PeBenito dfb86a
Chris PeBenito dfb86a 
#######################################
Chris PeBenito dfb86a 
#
Chris PeBenito bd202f 
# udev_transition(domain)
Chris PeBenito dfb86a 
#
Chris PeBenito dfb86a 
define(`udev_transition',`
Chris PeBenito bd202f 
requires_block_template(`$0'_depend)
Chris PeBenito dfb86a 
allow $1 udev_exec_t:file { getattr read execute };
Chris PeBenito dfb86a 
allow $1 udev_t:process transition;
Chris PeBenito e7fcdc 
type_transition $1 udev_exec_t:process udev_t;
Chris PeBenito dfb86a 
dontaudit $1 udev_t:process { noatsecure siginh rlimitinh };
Chris PeBenito 4bf4ed 
allow $1 udev_t:fd use;
Chris PeBenito f5c42b 
allow udev_t $1:fd use;
Chris PeBenito 4bf4ed 
allow udev_t $1:fifo_file rw_file_perms;
Chris PeBenito f5c42b 
allow udev_t $1:process sigchld;
Chris PeBenito dfb86a 
')
Chris PeBenito dfb86a
Chris PeBenito dfb86a 
define(`udev_transition_depend',`
Chris PeBenito dfb86a 
type udev_t, udev_exec_t;
Chris PeBenito dfb86a 
class file { getattr read execute };
Chris PeBenito f5c42b 
class process { transition noatsecure siginh rlimitinh sigchld };
Chris PeBenito 4bf4ed 
class fd use;
Chris PeBenito 4bf4ed 
class fifo_file rw_file_perms;
Chris PeBenito dfb86a 
')
Chris PeBenito dfb86a
Chris PeBenito dfb86a 
########################################
Chris PeBenito dfb86a 
#
Chris PeBenito bd202f 
# udev_read_database(domain)
Chris PeBenito dfb86a 
#
Chris PeBenito dfb86a 
define(`udev_read_database',`
Chris PeBenito bd202f 
requires_block_template(`$0'_depend)
Chris PeBenito dfb86a 
allow $1 udev_tdb_t:file { getattr read };
Chris PeBenito dfb86a 
')
Chris PeBenito dfb86a
Chris PeBenito dfb86a 
define(`udev_read_database_depend',`
Chris PeBenito dfb86a 
type udev_tdb_t;
Chris PeBenito dfb86a 
class file { getattr read };
Chris PeBenito dfb86a 
')
Chris PeBenito 7bba9d
Chris PeBenito 7bba9d 
########################################
Chris PeBenito 7bba9d 
#
Chris PeBenito 7bba9d 
# udev_modify_database(domain)
Chris PeBenito 7bba9d 
#
Chris PeBenito 7bba9d 
define(`udev_modify_database',`
Chris PeBenito 7bba9d 
requires_block_template(`$0'_depend)
Chris PeBenito 7bba9d 
allow $1 udev_tdb_t:file { getattr read write append };
Chris PeBenito 7bba9d 
')
Chris PeBenito 7bba9d
Chris PeBenito 7bba9d 
define(`udev_modify_database_depend',`
Chris PeBenito 7bba9d 
type udev_tdb_t;
Chris PeBenito 7bba9d 
class file { getattr read write append };
Chris PeBenito 7bba9d 
')

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation