[selinux-policy: 56/3172] add init_t:fd use interface and initrc pty rw interface
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 19:09:49 UTC 2010
commit 889c9a97897b102eb1d2a561b0cb4c66564fa68f
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Wed Apr 27 21:56:12 2005 +0000
add init_t:fd use interface and initrc pty rw interface
refpolicy/policy/modules/system/init.if | 28 ++++++++++++++++++++++++++++
1 files changed, 28 insertions(+), 0 deletions(-)
---
diff --git a/refpolicy/policy/modules/system/init.if b/refpolicy/policy/modules/system/init.if
index e7b25d7..b277170 100644
--- a/refpolicy/policy/modules/system/init.if
+++ b/refpolicy/policy/modules/system/init.if
@@ -34,6 +34,20 @@ class process sigchld;
########################################
#
+# init_use_file_descriptors(domain,[`optional'])
+#
+define(`init_use_file_descriptors',`
+requires_block_template(init_use_file_descriptors_depend,$2)
+allow $1 init_t:fd use;
+')
+
+define(`init_use_file_descriptors_depend',`
+type init_t;
+class fd use;
+')
+
+########################################
+#
# init_script_transition(domain,[`optional'])
#
define(`init_script_transition',`
@@ -52,6 +66,20 @@ class process { transition noatsecure siginh rlimitinh };
########################################
#
+# init_script_use_pseudoterminal(domain,[`optional'])
+#
+define(`init_script_use_pseudoterminal',`
+requires_block_template(init_script_use_pseudoterminal_depend,$2)
+allow $1 initrc_devpts_t:chr_file { read write };
+')
+
+define(`init_script_use_pseudoterminal_depend',`
+type initrc_devpts_t;
+class chr_file { read write };
+')
+
+########################################
+#
# init_script_direct_admin_transition(role,domain,[`optional'])
#
define(`init_script_direct_admin_transition',`
More information about the scm-commits
mailing list