Blame strict/domains/program/unused/monopd.te
|
Chris PeBenito |
0fbfa5 |
#DESC MonopD - Monopoly Daemon
|
|
Chris PeBenito |
0fbfa5 |
#
|
|
Chris PeBenito |
0fbfa5 |
# Author: Torsten Knodt <tk-selinux@datas-world.de>
|
|
Chris PeBenito |
0fbfa5 |
# based on the dhcpd_t policy from:
|
|
Chris PeBenito |
0fbfa5 |
# Russell Coker <russell@coker.com.au>
|
|
Chris PeBenito |
0fbfa5 |
#
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
#################################
|
|
Chris PeBenito |
0fbfa5 |
#
|
|
Chris PeBenito |
0fbfa5 |
# Rules for the monopd_t domain.
|
|
Chris PeBenito |
0fbfa5 |
#
|
|
Chris PeBenito |
0fbfa5 |
daemon_domain(monopd)
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
type etc_monopd_t, file_type, sysadmfile;
|
|
Chris PeBenito |
0fbfa5 |
type share_monopd_t, file_type, sysadmfile;
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
# Use the network.
|
|
Chris PeBenito |
0fbfa5 |
can_network_server(monopd_t)
|
|
Chris PeBenito |
0fbfa5 |
can_ypbind(monopd_t)
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
type monopd_port_t, port_type;
|
|
Chris PeBenito |
0fbfa5 |
allow monopd_t monopd_port_t:tcp_socket name_bind;
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
r_dir_file(monopd_t,etc_monopd_t)
|
|
Chris PeBenito |
0fbfa5 |
r_dir_file(monopd_t,share_monopd_t)
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
allow monopd_t self:unix_dgram_socket create_socket_perms;
|
|
Chris PeBenito |
0fbfa5 |
allow monopd_t self:unix_stream_socket create_socket_perms;
|
|
Chris PeBenito |
0fbfa5 |
|
|
Chris PeBenito |
0fbfa5 |
r_dir_file(monopd_t, etc_t)
|