Главная Обзор Помощь
Вход
Hoshpak
/
gentoo-selinux-policies
1
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: 4c3c785ab2
Ветки Метки
gentoo-selinux-...
/
portage_additional.te

portage_additional.te 1.0 KB
История Исходник

12345678910111213141516171819202122232425262728293031323334353637 
  1. policy_module(portage_additional, 0.0.4)
    2. 

  2. 

  3. require {
    4. 

  4.   type portage_fetch_t;
    5. 

  5.   type portage_sandbox_t;
    6. 

  6.   type portage_t;
    7. 

  7.   type etc_t;
    8. 

  8.   type ldconfig_cache_t;
    9. 

  9.   type unlabeled_t;
    10. 

  10.   type usr_t;
    11. 

  11. }
    12. 

  12. 

  13. files_list_boot(portage_fetch_t)
    14. 

  14. files_list_default(portage_fetch_t)
    15. 

  15. files_rw_etc_files(portage_fetch_t)
    16. 

  16. kernel_read_crypto_sysctls(portage_fetch_t)
    17. 

  17. dev_read_urand(portage_fetch_t)
    18. 

  18. files_manage_var_files(portage_fetch_t)
    19. 

  19. files_manage_var_dirs(portage_fetch_t)
    20. 

  20. files_search_src(portage_fetch_t)
    21. 

  21. files_getattr_usr_src_files(portage_fetch_t)
    22. 

  22. 

  23. allow portage_fetch_t etc_t:file link;
    24. 

  24. 

  25. corenet_udp_bind_generic_node(portage_t)
    26. 

  26. files_manage_etc_files(portage_t)
    27. 

  27. kernel_read_crypto_sysctls(portage_t)
    28. 

  28. allow portage_t self:process ptrace;
    29. 

  29. allow portage_t self:capability sys_resource;
    30. 

  30. allow portage_t unlabeled_t:file { execute execute_no_trans map relabelfrom relabelto };
    31. 

  31. allow portage_t usr_t:file { execute execute_no_trans };
    32. 

  32. allow portage_t etc_t:file { relabelfrom relabelto };
    33. 

  33. 

  34. 

  35. 

  36. allow portage_sandbox_t ldconfig_cache_t:file map;
    37. 

  37. dev_rw_zero(portage_sandbox_t)
    38.