[selinux-policy: 1591/3172] add last bit of role infrastructure

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 7 21:22:42 UTC 2010 

commit b1bf2f7811fd23d0ff7435798b16af3908fb87eb
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Mon Sep 11 15:26:25 2006 +0000

    add last bit of role infrastructure

 policy/modules/system/userdomain.if |  305 +++++++++++++++++++++++++++++++++++
 1 files changed, 305 insertions(+), 0 deletions(-)
---
diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index 33a436e..407b2c3 100644
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -1171,6 +1171,311 @@ template(`userdom_admin_user_template',`
 
 ########################################
 ## <summary>
+##	Change to the generic user role.
+## </summary>
+## <desc>
+##	<p>
+##	Change to the generic user role.
+##	</p>
+##	<p>
+##	This is a template to support third party modules
+##	and its use is not allowed in upstream reference
+##	policy.
+##	</p>
+## </desc>
+## <param name="prefix">
+##	<summary>
+##	The prefix of the user role (e.g., user
+##	is the prefix for user_r).
+##	</summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_generic_user',`
+	ifdef(`strict_policy',`
+		userdom_role_change_template($1,user)
+	',`
+		refpolicywarn(`$0($*) has no effect in targeted policy.')
+	')
+')
+
+########################################
+## <summary>
+##	Change from the generic user role.
+## </summary>
+## <desc>
+##	<p>
+##	Change from the generic user role to
+##	the specified role.
+##	</p>
+##	<p>
+##	This is a template to support third party modules
+##	and its use is not allowed in upstream reference
+##	policy.
+##	</p>
+## </desc>
+## <param name="prefix">
+##	<summary>
+##	The prefix of the user role (e.g., user
+##	is the prefix for user_r).
+##	</summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_from_generic_user',`
+	ifdef(`strict_policy',`
+		userdom_role_change_template(user,$1)
+	',`
+		refpolicywarn(`$0($*) has no effect in targeted policy.')
+	')
+')
+
+########################################
+## <summary>
+##	Change to the staff user role.
+## </summary>
+## <desc>
+##	<p>
+##	Change to the staff user role.
+##	</p>
+##	<p>
+##	This is a template to support third party modules
+##	and its use is not allowed in upstream reference
+##	policy.
+##	</p>
+## </desc>
+## <param name="prefix">
+##	<summary>
+##	The prefix of the user role (e.g., user
+##	is the prefix for user_r).
+##	</summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_staff',`
+	ifdef(`strict_policy',`
+		userdom_role_change_template($1,staff)
+	',`
+		refpolicywarn(`$0($*) has no effect in targeted policy.')
+	')
+')
+
+########################################
+## <summary>
+##	Change from the staff user role.
+## </summary>
+## <desc>
+##	<p>
+##	Change from the staff user role to
+##	the specified role.
+##	</p>
+##	<p>
+##	This is a template to support third party modules
+##	and its use is not allowed in upstream reference
+##	policy.
+##	</p>
+## </desc>
+## <param name="prefix">
+##	<summary>
+##	The prefix of the user role (e.g., user
+##	is the prefix for user_r).
+##	</summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_from_staff',`
+	ifdef(`strict_policy',`
+		userdom_role_change_template(staff,$1)
+	',`
+		refpolicywarn(`$0($*) has no effect in targeted policy.')
+	')
+')
+
+########################################
+## <summary>
+##	Change to the sysadm user role.
+## </summary>
+## <desc>
+##	<p>
+##	Change to the sysadm user role.
+##	</p>
+##	<p>
+##	This is a template to support third party modules
+##	and its use is not allowed in upstream reference
+##	policy.
+##	</p>
+## </desc>
+## <param name="prefix">
+##	<summary>
+##	The prefix of the user role (e.g., user
+##	is the prefix for user_r).
+##	</summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_sysadm',`
+	ifdef(`strict_policy',`
+		userdom_role_change_template($1,sysadm)
+	',`
+		refpolicywarn(`$0($*) has no effect in targeted policy.')
+	')
+')
+
+########################################
+## <summary>
+##	Change from the sysadm user role.
+## </summary>
+## <desc>
+##	<p>
+##	Change from the sysadm user role to
+##	the specified role.
+##	</p>
+##	<p>
+##	This is a template to support third party modules
+##	and its use is not allowed in upstream reference
+##	policy.
+##	</p>
+## </desc>
+## <param name="prefix">
+##	<summary>
+##	The prefix of the user role (e.g., user
+##	is the prefix for user_r).
+##	</summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_from_sysadm',`
+	ifdef(`strict_policy',`
+		userdom_role_change_template(sysadm,$1)
+	',`
+		refpolicywarn(`$0($*) has no effect in targeted policy.')
+	')
+')
+
+########################################
+## <summary>
+##	Change to the secadm user role.
+## </summary>
+## <desc>
+##	<p>
+##	Change to the secadm user role.
+##	</p>
+##	<p>
+##	This is a template to support third party modules
+##	and its use is not allowed in upstream reference
+##	policy.
+##	</p>
+## </desc>
+## <param name="prefix">
+##	<summary>
+##	The prefix of the user role (e.g., user
+##	is the prefix for user_r).
+##	</summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_secadm',`
+	ifdef(`enable_mls',`
+		userdom_role_change_template($1,secadm)
+	',`
+		refpolicywarn(`$0($*) has no effect in non-MLS policy.')
+	')
+')
+
+########################################
+## <summary>
+##	Change from the secadm user role.
+## </summary>
+## <desc>
+##	<p>
+##	Change from the secadm user role to
+##	the specified role.
+##	</p>
+##	<p>
+##	This is a template to support third party modules
+##	and its use is not allowed in upstream reference
+##	policy.
+##	</p>
+## </desc>
+## <param name="prefix">
+##	<summary>
+##	The prefix of the user role (e.g., user
+##	is the prefix for user_r).
+##	</summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_from_secadm',`
+	ifdef(`enable_mls',`
+		userdom_role_change_template(secadm,$1)
+	',`
+		refpolicywarn(`$0($*) has no effect in non-MLS policy.')
+	')
+')
+
+########################################
+## <summary>
+##	Change to the auditadm user role.
+## </summary>
+## <desc>
+##	<p>
+##	Change to the auditadm user role.
+##	</p>
+##	<p>
+##	This is a template to support third party modules
+##	and its use is not allowed in upstream reference
+##	policy.
+##	</p>
+## </desc>
+## <param name="prefix">
+##	<summary>
+##	The prefix of the auditadm role (e.g., user
+##	is the prefix for user_r).
+##	</summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_auditadm',`
+	ifdef(`enable_mls',`
+		userdom_role_change_template($1,auditadm)
+	',`
+		refpolicywarn(`$0($*) has no effect in non-MLS policy.')
+	')
+')
+
+########################################
+## <summary>
+##	Change from the auditadm user role.
+## </summary>
+## <desc>
+##	<p>
+##	Change from the auditadm user role to
+##	the specified role.
+##	</p>
+##	<p>
+##	This is a template to support third party modules
+##	and its use is not allowed in upstream reference
+##	policy.
+##	</p>
+## </desc>
+## <param name="prefix">
+##	<summary>
+##	The prefix of the user role (e.g., user
+##	is the prefix for user_r).
+##	</summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_from_auditadm',`
+	ifdef(`enable_mls',`
+		userdom_role_change_template(auditadm,$1)
+	',`
+		refpolicywarn(`$0($*) has no effect in non-MLS policy.')
+	')
+')
+
+########################################
+## <summary>
 ##	Make the specified type usable in a
 ##	user home directory.
 ## </summary>

More information about the scm-commits mailing list