2
policy_module(consoletype, 1.7.1)
4
########################################
10
type consoletype_exec_t;
11
application_executable_file(consoletype_exec_t)
12
init_domain(consoletype_t, consoletype_exec_t)
13
init_system_domain(consoletype_t, consoletype_exec_t)
14
role system_r types consoletype_t;
16
########################################
21
allow consoletype_t self:capability { sys_admin sys_tty_config };
22
allow consoletype_t self:process ~{ ptrace setcurrent setexec setfscreate setrlimit execmem execstack execheap };
23
allow consoletype_t self:fd use;
24
allow consoletype_t self:fifo_file rw_fifo_file_perms;
25
allow consoletype_t self:sock_file read_sock_file_perms;
26
allow consoletype_t self:unix_dgram_socket create_socket_perms;
27
allow consoletype_t self:unix_stream_socket create_stream_socket_perms;
28
allow consoletype_t self:unix_dgram_socket sendto;
29
allow consoletype_t self:unix_stream_socket connectto;
30
allow consoletype_t self:shm create_shm_perms;
31
allow consoletype_t self:sem create_sem_perms;
32
allow consoletype_t self:msgq create_msgq_perms;
33
allow consoletype_t self:msg { send receive };
35
kernel_use_fds(consoletype_t)
36
kernel_dontaudit_read_system_state(consoletype_t)
38
fs_getattr_all_fs(consoletype_t)
39
fs_search_auto_mountpoints(consoletype_t)
40
fs_write_nfs_files(consoletype_t)
41
fs_list_inotifyfs(consoletype_t)
43
mls_file_read_all_levels(consoletype_t)
44
mls_file_write_all_levels(consoletype_t)
46
term_use_all_terms(consoletype_t)
48
init_use_fds(consoletype_t)
49
init_use_script_ptys(consoletype_t)
50
init_use_script_fds(consoletype_t)
51
init_rw_script_pipes(consoletype_t)
53
domain_use_interactive_fds(consoletype_t)
55
files_dontaudit_read_root_files(consoletype_t)
56
files_list_usr(consoletype_t)
58
userdom_use_user_terminals(consoletype_t)
60
ifdef(`distro_redhat',`
61
fs_rw_tmpfs_chr_files(consoletype_t)
65
apm_use_fds(consoletype_t)
66
apm_write_pipes(consoletype_t)
70
auth_read_pam_pid(consoletype_t)
74
cron_read_pipes(consoletype_t)
75
cron_use_system_job_fds(consoletype_t)
79
files_read_etc_files(consoletype_t)
80
firstboot_use_fds(consoletype_t)
81
firstboot_rw_pipes(consoletype_t)
85
hal_dontaudit_use_fds(consoletype_t)
86
hal_dontaudit_rw_pipes(consoletype_t)
90
hotplug_dontaudit_use_fds(consoletype_t)
94
logrotate_dontaudit_use_fds(consoletype_t)
98
lpd_read_config(consoletype_t)
102
nis_use_ypbind(consoletype_t)
106
# Commonly used from postinst scripts
107
rpm_read_pipes(consoletype_t)
111
userdom_use_unpriv_users_fds(consoletype_t)
115
kernel_read_xen_state(consoletype_t)
116
kernel_write_xen_state(consoletype_t)
117
xen_append_log(consoletype_t)
118
xen_dontaudit_rw_unix_stream_sockets(consoletype_t)
119
xen_dontaudit_use_fds(consoletype_t)
added
removed
policy/modules/admin/consoletype.te
