12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667 |
- policy_module(mysqldump, 0.1.5)
- #################################
- #
- # Declarations
- #
- type mysqldump_t;
- type mysqldump_exec_t;
- init_system_domain(mysqldump_t, mysqldump_exec_t)
- type mysqldump_var_t;
- files_type(mysqldump_var_t)
- ########################################
- #
- # Local policy
- #
- allow mysqldump_t self:fifo_file { read write getattr ioctl };
- allow mysqldump_t self:process signal;
- optional_policy(`
- mysql_stream_connect(mysqldump_t)
- ')
- corecmd_exec_shell(mysqldump_t)
- corecmd_exec_bin(mysqldump_t)
- auth_use_nsswitch(mysqldump_t)
- miscfiles_read_localization(mysqldump_t)
- kernel_read_system_state(mysqldump_t)
- manage_dirs_pattern(mysqldump_t, mysqldump_var_t, mysqldump_var_t)
- manage_files_pattern(mysqldump_t, mysqldump_var_t, mysqldump_var_t)
- type_transition mysqldump_t mysqldump_var_t:file mysqldump_var_t;
- optional_policy(`
- gen_require(`
- type mysqld_etc_t;
- ')
- allow mysqldump_t mysqld_etc_t:dir { read open search getattr };
- allow mysqldump_t mysqld_etc_t:file { read getattr open };
- allow mysqldump_t mysqld_etc_t:lnk_file read;
- ')
- optional_policy(`
- gen_require(`
- type crond_tmp_t;
- ')
- allow mysqldump_t crond_tmp_t:file { read write ioctl };
- ')
- optional_policy(`
- gen_require(`
- type usr_t;
- ')
- allow mysqldump_t usr_t:file { read getattr open };
- ')
- optional_policy(`
- gen_require(`
- type backup_store_t;
- ')
- search_dirs_pattern(mysqldump_t, backup_store_t, backup_store_t)
- ')
- cron_system_entry(mysqldump_t, mysqldump_exec_t)
|