| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647 |
- policy_module(phpfpm_additional, 0.0.7)
- require {
- type phpfpm_t;
- type etc_t;
- type httpd_sys_content_t;
- type phpfpm_tmp_t;
- type usr_t;
- type httpd_sys_ra_content_t;
- }
- type phpfpm_initrc_exec_t;
- init_script_file(phpfpm_initrc_exec_t)
- type phpfpm_unit_t;
- init_unit_file(phpfpm_unit_t)
- allow phpfpm_t self:process sigkill;
- allow phpfpm_t phpfpm_tmp_t:lnk_file { create unlink };
- miscfiles_read_all_certs(phpfpm_t)
- miscfiles_read_fonts(phpfpm_t)
- corecmd_exec_shell(phpfpm_t)
- corenet_tcp_connect_pop_port(phpfpm_t)
- corenet_tcp_connect_http_port(phpfpm_t)
- corenet_tcp_connect_sieve_port(phpfpm_t)
- corenet_tcp_connect_smtp_port(phpfpm_t)
- files_tmp_filetrans(phpfpm_t, phpfpm_tmp_t, lnk_file)
- apache_manage_sys_content(phpfpm_t)
- manage_dirs_pattern(phpfpm_t, httpd_sys_ra_content_t, httpd_sys_ra_content_t)
- fs_mmap_rw_hugetlbfs_files(phpfpm_t)
- allow phpfpm_t etc_t:file map;
- allow phpfpm_t httpd_sys_content_t:file map;
- allow phpfpm_t phpfpm_tmp_t:file map;
- allow phpfpm_t usr_t:file map;
- mta_sendmail_exec(phpfpm_t)
- mta_send_mail(phpfpm_t)
- mta_signal_system_mail(phpfpm_t)
- logging_send_syslog_msg(phpfpm_t)
|
