[selinux-policy: 1591/3172] add last bit of role infrastructure
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 21:22:42 UTC 2010
commit b1bf2f7811fd23d0ff7435798b16af3908fb87eb
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Mon Sep 11 15:26:25 2006 +0000
add last bit of role infrastructure
policy/modules/system/userdomain.if | 305 +++++++++++++++++++++++++++++++++++
1 files changed, 305 insertions(+), 0 deletions(-)
---
diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index 33a436e..407b2c3 100644
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -1171,6 +1171,311 @@ template(`userdom_admin_user_template',`
########################################
## <summary>
+## Change to the generic user role.
+## </summary>
+## <desc>
+## <p>
+## Change to the generic user role.
+## </p>
+## <p>
+## This is a template to support third party modules
+## and its use is not allowed in upstream reference
+## policy.
+## </p>
+## </desc>
+## <param name="prefix">
+## <summary>
+## The prefix of the user role (e.g., user
+## is the prefix for user_r).
+## </summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_generic_user',`
+ ifdef(`strict_policy',`
+ userdom_role_change_template($1,user)
+ ',`
+ refpolicywarn(`$0($*) has no effect in targeted policy.')
+ ')
+')
+
+########################################
+## <summary>
+## Change from the generic user role.
+## </summary>
+## <desc>
+## <p>
+## Change from the generic user role to
+## the specified role.
+## </p>
+## <p>
+## This is a template to support third party modules
+## and its use is not allowed in upstream reference
+## policy.
+## </p>
+## </desc>
+## <param name="prefix">
+## <summary>
+## The prefix of the user role (e.g., user
+## is the prefix for user_r).
+## </summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_from_generic_user',`
+ ifdef(`strict_policy',`
+ userdom_role_change_template(user,$1)
+ ',`
+ refpolicywarn(`$0($*) has no effect in targeted policy.')
+ ')
+')
+
+########################################
+## <summary>
+## Change to the staff user role.
+## </summary>
+## <desc>
+## <p>
+## Change to the staff user role.
+## </p>
+## <p>
+## This is a template to support third party modules
+## and its use is not allowed in upstream reference
+## policy.
+## </p>
+## </desc>
+## <param name="prefix">
+## <summary>
+## The prefix of the user role (e.g., user
+## is the prefix for user_r).
+## </summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_staff',`
+ ifdef(`strict_policy',`
+ userdom_role_change_template($1,staff)
+ ',`
+ refpolicywarn(`$0($*) has no effect in targeted policy.')
+ ')
+')
+
+########################################
+## <summary>
+## Change from the staff user role.
+## </summary>
+## <desc>
+## <p>
+## Change from the staff user role to
+## the specified role.
+## </p>
+## <p>
+## This is a template to support third party modules
+## and its use is not allowed in upstream reference
+## policy.
+## </p>
+## </desc>
+## <param name="prefix">
+## <summary>
+## The prefix of the user role (e.g., user
+## is the prefix for user_r).
+## </summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_from_staff',`
+ ifdef(`strict_policy',`
+ userdom_role_change_template(staff,$1)
+ ',`
+ refpolicywarn(`$0($*) has no effect in targeted policy.')
+ ')
+')
+
+########################################
+## <summary>
+## Change to the sysadm user role.
+## </summary>
+## <desc>
+## <p>
+## Change to the sysadm user role.
+## </p>
+## <p>
+## This is a template to support third party modules
+## and its use is not allowed in upstream reference
+## policy.
+## </p>
+## </desc>
+## <param name="prefix">
+## <summary>
+## The prefix of the user role (e.g., user
+## is the prefix for user_r).
+## </summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_sysadm',`
+ ifdef(`strict_policy',`
+ userdom_role_change_template($1,sysadm)
+ ',`
+ refpolicywarn(`$0($*) has no effect in targeted policy.')
+ ')
+')
+
+########################################
+## <summary>
+## Change from the sysadm user role.
+## </summary>
+## <desc>
+## <p>
+## Change from the sysadm user role to
+## the specified role.
+## </p>
+## <p>
+## This is a template to support third party modules
+## and its use is not allowed in upstream reference
+## policy.
+## </p>
+## </desc>
+## <param name="prefix">
+## <summary>
+## The prefix of the user role (e.g., user
+## is the prefix for user_r).
+## </summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_from_sysadm',`
+ ifdef(`strict_policy',`
+ userdom_role_change_template(sysadm,$1)
+ ',`
+ refpolicywarn(`$0($*) has no effect in targeted policy.')
+ ')
+')
+
+########################################
+## <summary>
+## Change to the secadm user role.
+## </summary>
+## <desc>
+## <p>
+## Change to the secadm user role.
+## </p>
+## <p>
+## This is a template to support third party modules
+## and its use is not allowed in upstream reference
+## policy.
+## </p>
+## </desc>
+## <param name="prefix">
+## <summary>
+## The prefix of the user role (e.g., user
+## is the prefix for user_r).
+## </summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_secadm',`
+ ifdef(`enable_mls',`
+ userdom_role_change_template($1,secadm)
+ ',`
+ refpolicywarn(`$0($*) has no effect in non-MLS policy.')
+ ')
+')
+
+########################################
+## <summary>
+## Change from the secadm user role.
+## </summary>
+## <desc>
+## <p>
+## Change from the secadm user role to
+## the specified role.
+## </p>
+## <p>
+## This is a template to support third party modules
+## and its use is not allowed in upstream reference
+## policy.
+## </p>
+## </desc>
+## <param name="prefix">
+## <summary>
+## The prefix of the user role (e.g., user
+## is the prefix for user_r).
+## </summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_from_secadm',`
+ ifdef(`enable_mls',`
+ userdom_role_change_template(secadm,$1)
+ ',`
+ refpolicywarn(`$0($*) has no effect in non-MLS policy.')
+ ')
+')
+
+########################################
+## <summary>
+## Change to the auditadm user role.
+## </summary>
+## <desc>
+## <p>
+## Change to the auditadm user role.
+## </p>
+## <p>
+## This is a template to support third party modules
+## and its use is not allowed in upstream reference
+## policy.
+## </p>
+## </desc>
+## <param name="prefix">
+## <summary>
+## The prefix of the auditadm role (e.g., user
+## is the prefix for user_r).
+## </summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_auditadm',`
+ ifdef(`enable_mls',`
+ userdom_role_change_template($1,auditadm)
+ ',`
+ refpolicywarn(`$0($*) has no effect in non-MLS policy.')
+ ')
+')
+
+########################################
+## <summary>
+## Change from the auditadm user role.
+## </summary>
+## <desc>
+## <p>
+## Change from the auditadm user role to
+## the specified role.
+## </p>
+## <p>
+## This is a template to support third party modules
+## and its use is not allowed in upstream reference
+## policy.
+## </p>
+## </desc>
+## <param name="prefix">
+## <summary>
+## The prefix of the user role (e.g., user
+## is the prefix for user_r).
+## </summary>
+## </param>
+## <rolecap/>
+#
+template(`userdom_role_change_from_auditadm',`
+ ifdef(`enable_mls',`
+ userdom_role_change_template(auditadm,$1)
+ ',`
+ refpolicywarn(`$0($*) has no effect in non-MLS policy.')
+ ')
+')
+
+########################################
+## <summary>
## Make the specified type usable in a
## user home directory.
## </summary>
More information about the scm-commits
mailing list