Chris PeBenito 2705f9
# daemontools
Chris PeBenito 2705f9
Chris PeBenito 2705f9
/var/service/.*			system_u:object_r:svc_svc_t
Chris PeBenito 2705f9
Chris PeBenito 2705f9
# symlinks to /var/service/*
Chris PeBenito 2705f9
/service(/.*)?			system_u:object_r:svc_svc_t
Chris PeBenito 2705f9
Chris PeBenito 2705f9
# supervise scripts
Chris PeBenito 2705f9
/usr/bin/svc-add	--	system_u:object_r:svc_script_exec_t
Chris PeBenito 2705f9
/usr/bin/svc-isdown	--	system_u:object_r:svc_script_exec_t
Chris PeBenito 2705f9
/usr/bin/svc-isup	--	system_u:object_r:svc_script_exec_t
Chris PeBenito 2705f9
/usr/bin/svc-remove	--	system_u:object_r:svc_script_exec_t
Chris PeBenito 2705f9
/usr/bin/svc-start	--	system_u:object_r:svc_script_exec_t
Chris PeBenito 2705f9
/usr/bin/svc-status	--	system_u:object_r:svc_script_exec_t
Chris PeBenito 2705f9
/usr/bin/svc-stop	--	system_u:object_r:svc_script_exec_t
Chris PeBenito 2705f9
/usr/bin/svc-waitdown	--	system_u:object_r:svc_script_exec_t
Chris PeBenito 2705f9
/usr/bin/svc-waitup	--	system_u:object_r:svc_script_exec_t
Chris PeBenito 2705f9
Chris PeBenito 2705f9
# supervise init binaries
Chris PeBenito 2705f9
# these programs read/write to /service/*/supervise/* and /service/*/log/supervise/*
Chris PeBenito 2705f9
/usr/bin/svc		--	system_u:object_r:svc_start_exec_t
Chris PeBenito 2705f9
/usr/bin/svscan		--	system_u:object_r:svc_start_exec_t
Chris PeBenito 2705f9
/usr/bin/svscanboot	--	system_u:object_r:svc_start_exec_t
Chris PeBenito 2705f9
/usr/bin/svok		--	system_u:object_r:svc_start_exec_t
Chris PeBenito 2705f9
/usr/bin/supervise	--	system_u:object_r:svc_start_exec_t
Chris PeBenito 2705f9
Chris PeBenito 2705f9
# starting scripts
Chris PeBenito 2705f9
/var/service/.*/run.*		system_u:object_r:svc_run_exec_t
Chris PeBenito 2705f9
/var/service/.*/log/run		system_u:object_r:svc_run_exec_t
Chris PeBenito 2705f9
Chris PeBenito 2705f9
# configurations
Chris PeBenito 2705f9
/var/service/.*/env(/.*)?   system_u:object_r:svc_conf_t
Chris PeBenito 2705f9
Chris PeBenito 2705f9
# log
Chris PeBenito 2705f9
/var/service/.*/log/main(/.*)?  system_u:object_r:svc_log_t
Chris PeBenito 2705f9
Chris PeBenito 2705f9
# programs that impose a given environment to daemons
Chris PeBenito 2705f9
/usr/bin/softlimit	--	system_u:object_r:svc_run_exec_t
Chris PeBenito 2705f9
/usr/bin/setuidgid	--	system_u:object_r:svc_run_exec_t
Chris PeBenito 2705f9
/usr/bin/envuidgid	--	system_u:object_r:svc_run_exec_t
Chris PeBenito 2705f9
/usr/bin/envdir		--	system_u:object_r:svc_run_exec_t
Chris PeBenito 2705f9
/usr/bin/setlock	--	system_u:object_r:svc_run_exec_t
Chris PeBenito 2705f9
Chris PeBenito 2705f9
# helper programs
Chris PeBenito 2705f9
/usr/bin/fghack		--	system_u:object_r:svc_run_exec_t
Chris PeBenito 2705f9
/usr/bin/pgrphack	--	system_u:object_r:svc_run_exec_t
Chris PeBenito 2705f9
Chris PeBenito 2705f9
/var/run/svscan\.pid	--	system_u:object_r:initrc_var_run_t
Chris PeBenito 2705f9
# daemontools logger # writes to service/*/log/main/ and /var/log/*/
Chris PeBenito 2705f9
/usr/bin/multilog	--	system_u:object_r:svc_multilog_exec_t
Chris PeBenito 2705f9
Chris PeBenito 2705f9
/sbin/svcinit       --  system_u:object_r:initrc_exec_t
Chris PeBenito 2705f9
/sbin/runsvcscript\.sh	--	system_u:object_r:initrc_exec_t
Chris PeBenito 2705f9