[selinux-policy: 216/3172] initial commit
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 19:23:36 UTC 2010
commit 10abae75d95dd1a9fffa28aa35981521776f1e6e
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Wed May 25 19:52:21 2005 +0000
initial commit
refpolicy/policy/modules/admin/netutils.if | 33 ++++++++++++++++++++++++++++
1 files changed, 33 insertions(+), 0 deletions(-)
---
diff --git a/refpolicy/policy/modules/admin/netutils.if b/refpolicy/policy/modules/admin/netutils.if
new file mode 100644
index 0000000..e063dd5
--- /dev/null
+++ b/refpolicy/policy/modules/admin/netutils.if
@@ -0,0 +1,33 @@
+# Copyright (C) 2005 Tresys Technology, LLC
+
+#######################################
+#
+# netutils_transition(domain)
+#
+define(`netutils_transition',`
+requires_block_template(`$0'_depend)
+allow $1 netutils_exec_t:file { getattr read execute };
+allow $1 netutils_t:process transition;
+type_transition $1 netutils_exec_t:process netutils_t;
+dontaudit $1 netutils_t:process { noatsecure siginh rlimitinh };
+')
+
+define(`netutils_transition_depend',`
+type netutils_t, netutils_exec_t;
+class file { getattr read execute };
+class process { transition noatsecure siginh rlimitinh };
+')
+
+#######################################
+#
+# netutils_execute(domain)
+#
+define(`netutils_execute',`
+requires_block_template(`$0'_depend)
+allow $1 netutils_exec_t:file { getattr read execute execute_no_trans };
+')
+
+define(`netutils_execute_depend',`
+type netutils_exec_t;
+class file { getattr read execute execute_no_trans };
+')
More information about the scm-commits
mailing list