sysadm_additional.te 690 B

1234567891011121314151617181920212223
  1. policy_module(sysadm_additional, 0.0.11)
  2. require {
  3. type sysadm_t;
  4. type atop_initrc_exec_t;
  5. type atop_t;
  6. type atop_unit_t;
  7. type phpfpm_t;
  8. type phpfpm_initrc_exec_t;
  9. type phpfpm_unit_t;
  10. type spamd_t;
  11. type spamd_initrc_exec_t;
  12. type spamassassin_unit_t;
  13. type unconfined_t;
  14. role sysadm_r;
  15. }
  16. init_startstop_service(sysadm_t, sysadm_r, atop_t, atop_initrc_exec_t, atop_unit_t)
  17. init_startstop_service(sysadm_t, sysadm_r, spamd_t, spamd_initrc_exec_t, spamd_unit_t)
  18. init_startstop_service(sysadm_t, sysadm_r, phpfpm_t, phpfpm_initrc_exec_t, phpfpm_unit_t)
  19. logging_admin_syslog(sysadm_t, sysadm_r)
  20. logging_admin_audit(sysadm_t, sysadm_r)
  21. allow sysadm_t unconfined_t:fd use;