Blame strict/domains/program/howl.te
|
Chris PeBenito |
0fbfa5 |
#DESC howl - port of Apple Rendezvous multicast DNS
|
|
Chris PeBenito |
0fbfa5 |
#
|
|
Chris PeBenito |
0fbfa5 |
# Author: Russell Coker <rcoker@redhat.com>
|
|
Chris PeBenito |
0fbfa5 |
#
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
daemon_domain(howl)
|
|
Chris PeBenito |
0fbfa5 |
r_dir_file(howl_t, proc_net_t)
|
|
Chris PeBenito |
0fbfa5 |
can_network_server(howl_t)
|
|
Chris PeBenito |
0fbfa5 |
can_ypbind(howl_t)
|
|
Chris PeBenito |
0fbfa5 |
allow howl_t self:unix_dgram_socket create_socket_perms;
|
|
Chris PeBenito |
0fbfa5 |
allow howl_t self:capability { kill net_admin sys_module };
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
allow howl_t self:fifo_file rw_file_perms;
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
type howl_port_t, port_type;
|
|
Chris PeBenito |
0fbfa5 |
allow howl_t howl_port_t:{ udp_socket tcp_socket } name_bind;
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
allow howl_t self:unix_dgram_socket create_socket_perms;
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
allow howl_t etc_t:file { getattr read };
|
|
Chris PeBenito |
0fbfa5 |
allow howl_t initrc_var_run_t:file rw_file_perms;
|
|
Chris PeBenito |
0fbfa5 |
|