| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263 |
- policy_module(janus, 0.0.3)
- ########################################
- #
- # Declarations
- #
- type janus_t;
- type janus_exec_t;
- init_daemon_domain(janus_t, janus_exec_t)
- type janus_var_log_t;
- logging_log_file(janus_var_log_t)
- type janus_local_etc_t;
- files_config_file(janus_local_etc_t)
- type janus_local_share_t;
- files_type(janus_local_share_t)
- allow janus_t self:fifo_file { read write };
- allow janus_t self:netlink_route_socket { bind create getattr nlmsg_read read write };
- allow janus_t self:process { getsched setsched };
- allow janus_t self:rawip_socket create;
- allow janus_t self:tcp_socket { accept bind create getattr listen read setopt shutdown write };
- allow janus_t self:udp_socket { bind connect create getattr ioctl read setopt write };
- allow janus_t self:unix_dgram_socket { create ioctl };
- manage_dirs_pattern(janus_t, janus_var_log_t, janus_var_log_t)
- manage_files_pattern(janus_t, janus_var_log_t, janus_var_log_t)
- logging_log_filetrans(janus_t, janus_var_log_t, file)
- read_files_pattern(janus_t, janus_local_etc_t, janus_local_etc_t)
- search_dirs_pattern(janus_t, janus_local_etc_t, janus_local_etc_t)
- read_files_pattern(janus_t, janus_local_share_t, janus_local_share_t)
- search_dirs_pattern(janus_t, janus_local_share_t, janus_local_share_t)
- auth_use_nsswitch(janus_t)
- miscfiles_read_localization(janus_t)
- miscfiles_read_all_certs(janus_t)
- sysnet_read_config(janus_t)
- corenet_tcp_bind_generic_node(janus_t)
- corenet_udp_bind_generic_node(janus_t)
- corenet_tcp_bind_all_unreserved_ports(janus_t)
- corenet_udp_bind_all_unreserved_ports(janus_t)
- kernel_read_network_state(janus_t)
- kernel_read_vm_overcommit_sysctl(janus_t)
- dev_read_urand(janus_t)
- optional_policy(`
- gen_require(`
- type supervisor_t;
- ')
- supervisor_service_domain(janus_t,janus_exec_t)
- ')
|
