Home Explore Help
Sign In
Hoshpak
/
gentoo-selinux-policies
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
gentoo-selinux-...
/
jabber_additional.te

jabber_additional.te 1.4 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647 
  1. policy_module(jabber_additional, 0.0.6)
    2. 

  2. 

  3. require {
    4. 

  4.   type jabberd_t;
    5. 

  5.   type jabberd_var_lib_t;
    6. 

  6.   type faillog_t;
    7. 

  7.   type initrc_runtime_t;
    8. 

  8. }
    9. 

  9. 

  10. type jabber_unit_t;
    11. 

  11. init_unit_file(jabber_unit_t)
    12. 

  12. 

  13. type jabberd_var_cache_t;
    14. 

  14. files_type(jabberd_var_cache_t)
    15. 

  15. 

  16. allow jabberd_t self:process { getsched setsched };
    17. 

  17. allow jabberd_t self:capability { dac_read_search setgid setuid chown fowner };
    18. 

  18. 

  19. manage_dirs_pattern(jabberd_t, jabberd_var_cache_t, jabberd_var_cache_t)
    20. 

  20. manage_files_pattern(jabberd_t, jabberd_var_cache_t, jabberd_var_cache_t)
    21. 

  21. type_transition jabberd_t jabberd_var_cache_t:{ file dir } jabberd_var_cache_t;
    22. 

  22. 

  23. allow jabberd_t initrc_runtime_t:file { lock open read };
    24. 

  24. 

  25. kernel_read_vm_overcommit_sysctl(jabberd_t)
    26. 

  26. files_search_spool(jabberd_t)
    27. 

  27. 

  28. su_exec(jabberd_t)
    29. 

  29. auth_domtrans_chk_passwd(jabberd_t)
    30. 

  30. selinux_compute_access_vector(jabberd_t)
    31. 

  31. auth_read_shadow(jabberd_t)
    32. 

  32. miscfiles_read_generic_certs(jabberd_t)
    33. 

  33. 

  34. corecmd_exec_shell(jabberd_t)
    35. 

  35. 

  36. corenet_tcp_bind_epmd_port(jabberd_t)
    37. 

  37. corenet_tcp_connect_epmd_port(jabberd_t)
    38. 

  38. corenet_tcp_connect_ldap_port(jabberd_t)
    39. 

  39. corenet_tcp_bind_all_unreserved_ports(jabberd_t)
    40. 

  40. corenet_udp_bind_all_unreserved_ports(jabberd_t)
    41. 

  41. corenet_tcp_connect_all_unreserved_ports(jabberd_t)
    42. 

  42. 

  43. files_read_generic_tmp_files(jabberd_t)
    44. 

  44. 

  45. auth_rw_faillog(jabberd_t)
    46. 

  46. manage_dirs_pattern(jabberd_t, faillog_t, faillog_t)
    47. 

  47. manage_files_pattern(jabberd_t, faillog_t, faillog_t)
    48.