| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849 |
- policy_module(overviewer, 0.1.2)
- #################################
- #
- # Declarations
- #
- type overviewer_t;
- type overviewer_exec_t;
- init_system_domain(overviewer_t, overviewer_exec_t)
- ########################################
- #
- # Local policy
- #
- allow overviewer_t self:fifo_file { getattr ioctl read write };
- gen_require(`
- type minecraft_opt_t;
- ')
- search_dirs_pattern(overviewer_t, minecraft_opt_t, minecraft_opt_t)
- read_files_pattern(overviewer_t, minecraft_opt_t, minecraft_opt_t)
- allow overviewer_t minecraft_opt_t:dir read;
- apache_manage_sys_content(overviewer_t)
- corecmd_exec_all_executables(overviewer_t)
- corecmd_exec_shell(overviewer_t)
- files_read_etc_files(overviewer_t)
- files_manage_generic_tmp_files(overviewer_t)
- miscfiles_read_localization(overviewer_t)
- dev_read_urand(overviewer_t)
- gen_require(`
- type tmp_t;
- ')
- allow overviewer_t tmp_t:file execute;
- optional_policy(`
- cron_system_entry(overviewer_t, overviewer_exec_t)
- ')
- gen_require(`
- type crond_tmp_t;
- ')
- allow overviewer_t crond_tmp_t:file { read write ioctl getattr };
|
