| 1234567891011121314151617181920212223242526272829303132333435363738394041 |
- policy_module(nats, 0.0.2)
- ########################################
- #
- # Declarations
- #
- type nats_t;
- type nats_exec_t;
- init_daemon_domain(nats_t, nats_exec_t)
- type nats_etc_t;
- files_config_file(nats_etc_t)
- allow nats_t self:fifo_file { read write };
- allow nats_t self:netlink_route_socket { bind create getattr nlmsg_read read write };
- allow nats_t self:process { getsched signal };
- allow nats_t self:tcp_socket { accept bind create getattr listen read setopt write };
- allow nats_t self:unix_dgram_socket { connect create getattr write };
- logging_send_syslog_msg(nats_t)
- read_files_pattern(nats_t, nats_etc_t, nats_etc_t)
- miscfiles_read_localization(nats_t)
- corenet_tcp_bind_generic_node(nats_t)
- kernel_read_net_sysctls(nats_t)
- dev_read_sysfs(nats_t)
- corenet_tcp_bind_all_unreserved_ports(nats_t)
- optional_policy(`
- gen_require(`
- type supervisor_t;
- ')
- supervisor_service_domain(nats_t,nats_exec_t)
- ')
|
