rpms / selinux-policy

Clone
Source Code
GIT

Blame targeted/domains/program/crond.te

c10s-sig-hyperscale c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   3e6c816ddd8f3e9f7a9e0585d40ad8f8cfc73ad2
  2.   targeted
  3.   domains
  4.   program
  5.   crond.te
Blob History Raw
Chris PeBenito ab58ad 
#DESC crond
Chris PeBenito ab58ad 
#
Chris PeBenito ab58ad 
# Authors:  Daniel Walsh <dwalsh@redhat.com>
Chris PeBenito ab58ad 
#
Chris PeBenito ab58ad
Chris PeBenito ab58ad 
#################################
Chris PeBenito ab58ad 
#
Chris PeBenito ab58ad 
# Rules for the crond domain.
Chris PeBenito ab58ad 
#
Chris PeBenito ab58ad 
# crond_exec_t is the type of the /usr/sbin/crond and other programs.
Chris PeBenito ab58ad 
# This domain is defined just for targeted policy.
Chris PeBenito ab58ad 
#
Chris PeBenito ab58ad 
type crond_exec_t, file_type, sysadmfile, exec_type;
Chris PeBenito ab58ad 
type crond_t, domain, privuser, privrole, privfd, privowner;
Chris PeBenito ab58ad 
typealias crond_t alias system_crond_t;
Chris PeBenito ab58ad 
type anacron_exec_t, file_type, sysadmfile, exec_type;
Chris PeBenito ab58ad 
type system_crond_tmp_t, file_type, tmpfile, sysadmfile;
Chris PeBenito ab58ad 
type system_cron_spool_t, file_type, sysadmfile;
Chris PeBenito ab58ad 
type sysadm_cron_spool_t, file_type, sysadmfile;
Chris PeBenito ab58ad 
role system_r types crond_t;
Chris PeBenito ab58ad 
domain_auto_trans(initrc_t, crond_exec_t, crond_t)
Chris PeBenito ab58ad 
domain_auto_trans(initrc_t, anacron_exec_t, crond_t)
Chris PeBenito ab58ad 
# Access log files
Chris PeBenito ab58ad 
file_type_auto_trans(crond_t, user_home_dir_t, user_home_t)
Chris PeBenito ab58ad 
file_type_auto_trans(crond_t, tmp_t, system_crond_tmp_t)
Chris PeBenito ab58ad 
var_run_domain(crond)
Chris PeBenito ab58ad
Chris PeBenito ab58ad 
ifdef(`targeted_policy', `
Chris PeBenito ab58ad 
unconfined_domain(crond_t)
Chris PeBenito ab58ad 
allow crond_t initrc_t:dbus send_msg;
Chris PeBenito ab58ad 
allow crond_t unconfined_t:dbus send_msg;
Chris PeBenito ab58ad 
allow crond_t unconfined_t:process transition;
Chris PeBenito ab58ad 
')

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation