2
policy_module(tmpreaper, 1.3.0)
4
########################################
10
type tmpreaper_exec_t;
11
application_domain(tmpreaper_t, tmpreaper_exec_t)
12
role system_r types tmpreaper_t;
14
########################################
19
allow tmpreaper_t self:process { fork sigchld };
20
allow tmpreaper_t self:capability { dac_override dac_read_search fowner };
22
dev_read_urand(tmpreaper_t)
24
fs_getattr_xattr_fs(tmpreaper_t)
26
files_read_etc_files(tmpreaper_t)
27
files_read_var_lib_files(tmpreaper_t)
28
files_purge_tmp(tmpreaper_t)
29
# why does it need setattr?
30
files_setattr_all_tmp_dirs(tmpreaper_t)
32
mls_file_read_all_levels(tmpreaper_t)
33
mls_file_write_all_levels(tmpreaper_t)
35
logging_send_syslog_msg(tmpreaper_t)
37
miscfiles_read_localization(tmpreaper_t)
38
miscfiles_delete_man_pages(tmpreaper_t)
40
cron_system_entry(tmpreaper_t, tmpreaper_exec_t)
43
lpd_manage_spool(tmpreaper_t)