Tree - rpms/selinux-policy - CentOS Git server

rpms / selinux-policy

Blame strict/macros/program/iceauth_macros.te

Blob History Raw

Chris PeBenito	2705f9	`#`
Chris PeBenito	2705f9	`# Macros for iceauth domains.`
Chris PeBenito	2705f9	`#`
Chris PeBenito	2705f9	`# Author: Ivan Gyurdiev <gyurdiev@redhat.com>`
Chris PeBenito	2705f9	`#`
Chris PeBenito	2705f9	`# iceauth_domain(domain_prefix)`
Chris PeBenito	2705f9
Chris PeBenito	2705f9	define(`iceauth_domain',`
Chris PeBenito	2705f9
Chris PeBenito	2705f9	`# Program type`
Chris PeBenito	2705f9	`type $1_iceauth_t, domain;`
Chris PeBenito	2705f9
Chris PeBenito	2705f9	`# Transition from the user domain to this domain.`
Chris PeBenito	2705f9	`domain_auto_trans($1_t, iceauth_exec_t, $1_iceauth_t)`
Chris PeBenito	2705f9	`role $1_r types $1_iceauth_t;`
Chris PeBenito	2705f9
Chris PeBenito	2705f9	`# Store .ICEauthority files`
Chris PeBenito	2705f9	`home_domain($1, iceauth)`
Chris PeBenito	2705f9	`file_type_auto_trans($1_iceauth_t, $1_home_dir_t, $1_iceauth_home_t, file)`
Chris PeBenito	2705f9
Chris PeBenito	2705f9	`# Supress xdm trying to restore .ICEauthority permissions`
Chris PeBenito	2705f9	ifdef(`xdm.te', `
Chris PeBenito	2705f9	`dontaudit xdm_t $1_iceauth_home_t:file r_file_perms;`
Chris PeBenito	2705f9	`')`
Chris PeBenito	2705f9
Chris PeBenito	2705f9	`# /root`
Chris PeBenito	2705f9	`allow $1_iceauth_t root_t:dir search;`
Chris PeBenito	2705f9
Chris PeBenito	2705f9	`# Terminal output`
Chris PeBenito	2705f9	`access_terminal($1_iceauth_t, $1)`
Chris PeBenito	2705f9
Chris PeBenito	2705f9	`uses_shlib($1_iceauth_t)`
Chris PeBenito	2705f9
Chris PeBenito	2705f9	`# ???`
Chris PeBenito	2705f9	`allow $1_iceauth_t etc_t:dir search;`
Chris PeBenito	2705f9	`allow $1_iceauth_t usr_t:dir search;`
Chris PeBenito	2705f9
Chris PeBenito	2705f9	`# FIXME: policy is incomplete`
Chris PeBenito	2705f9
Chris PeBenito	2705f9	`')dnl end xauth_domain macro`

rpms / selinux-policy

Source Code

Blame strict/macros/program/iceauth_macros.te