Blame strict/domains/program/saslauthd.te
|
Chris PeBenito |
0fbfa5 |
#DESC saslauthd - Authentication daemon for SASL
|
|
Chris PeBenito |
0fbfa5 |
#
|
|
Chris PeBenito |
0fbfa5 |
# Author: Colin Walters <walters@verbum.org>
|
|
Chris PeBenito |
0fbfa5 |
#
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
daemon_domain(saslauthd, `, auth_chkpwd')
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
allow saslauthd_t self:fifo_file { read write };
|
|
Chris PeBenito |
0fbfa5 |
allow saslauthd_t self:unix_dgram_socket create_socket_perms;
|
|
Chris PeBenito |
0fbfa5 |
allow saslauthd_t self:unix_stream_socket create_stream_socket_perms;
|
|
Chris PeBenito |
0fbfa5 |
allow saslauthd_t saslauthd_var_run_t:sock_file create_file_perms;
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
allow saslauthd_t etc_t:dir { getattr search };
|
|
Chris PeBenito |
0fbfa5 |
allow saslauthd_t etc_t:file r_file_perms;
|
|
Chris PeBenito |
0fbfa5 |
allow saslauthd_t net_conf_t:file r_file_perms;
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
allow saslauthd_t self:file r_file_perms;
|
|
Chris PeBenito |
0fbfa5 |
allow saslauthd_t proc_t:file read;
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
allow saslauthd_t urandom_device_t:chr_file { getattr read };
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
# Needs investigation
|
|
Chris PeBenito |
0fbfa5 |
dontaudit saslauthd_t home_root_t:dir getattr;
|