| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455 |
- policy_module(terraria, 0.1.4)
- ########################################
- #
- # Declarations
- #
- attribute_role terraria_roles;
- type terraria_t;
- type terraria_exec_t;
- init_daemon_domain(terraria_t,terraria_exec_t)
- type terraria_opt_t;
- files_type(terraria_opt_t)
- type terraria_tmp_t;
- files_tmp_file(terraria_tmp_t)
- ########################################
- #
- # Local policy
- #
- allow terraria_t self:process { execmem signal signull getsched };
- allow terraria_t self:tcp_socket { bind create setopt shutdown accept listen };
- auth_use_nsswitch(terraria_t)
- miscfiles_read_localization(terraria_t)
- corenet_tcp_bind_all_unreserved_ports(terraria_t)
- corenet_tcp_bind_generic_node(terraria_t)
- kernel_read_system_state(terraria_t)
- fs_manage_tmpfs_files(terraria_t)
- kernel_read_vm_sysctls(terraria_t)
- fs_getattr_tmpfs(terraria_t)
- dev_read_sysfs(terraria_t)
- manage_dirs_pattern(terraria_t,terraria_opt_t,terraria_opt_t)
- manage_files_pattern(terraria_t,terraria_opt_t,terraria_opt_t)
- allow terraria_t terraria_opt_t:file execute;
- type_transition terraria_t terraria_opt_t:file terraria_opt_t;
- type_transition terraria_t terraria_opt_t:dir terraria_opt_t;
- manage_dirs_pattern(terraria_t,terraria_tmp_t,terraria_tmp_t)
- manage_files_pattern(terraria_t,terraria_tmp_t,terraria_tmp_t)
- files_tmp_filetrans(terraria_t,terraria_tmp_t, file)
- optional_policy(`
- gen_require(`
- type supervisor_t;
- ')
- supervisor_service_domain(terraria_t,terraria_exec_t)
- allow supervisor_t terraria_opt_t:dir search;
- allow supervisor_t terraria_t:process { siginh rlimitinh noatsecure };
- ')
|
