Changeset 91 for selinux/build/zephyr.te
- Timestamp:
- Jan 20, 2007, 9:36:32 PM (18 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
selinux/build/zephyr.te
r84 r91 1 # Joe Presbrey 2 # presbrey@mit.edu 3 # 2006/1/15 4 1 5 policy_module(zephyr,1.0.0) 2 6 … … 10 14 type zephyr_exec_t; 11 15 domain_type(zephyr_t) 16 corecmd_executable_file(zephyr_bin_t) 12 17 init_daemon_domain(zephyr_t, zephyr_exec_t) 13 18 14 19 ######################################## 15 20 # 16 # AFSlocal policy21 # zephyr local policy 17 22 18 23 files_read_etc_files(zephyr_t) … … 22 27 miscfiles_read_localization(zephyr_t) 23 28 24 # Init script handling25 29 init_use_fds(zephyr_t) 26 30 init_use_script_ptys(zephyr_t) 27 31 domain_use_interactive_fds(zephyr_t) 28 32 term_use_console(zephyr_t) 29 30 allow zephyr_t self:process setsched; 31 allow zephyr_t self:capability { sys_admin sys_nice sys_tty_config}; 32 33 corenet_udp_bind_generic_port(zephyr_t) 34 dev_read_urand(zephyr_t) 33 35 sysnet_dns_name_resolve(zephyr_t) 34 36 corenet_tcp_sendrecv_all_nodes(zephyr_t) … … 36 38 corenet_tcp_sendrecv_all_ports(zephyr_t) 37 39 corenet_udp_sendrecv_all_ports(zephyr_t) 40 kerberos_use(zephyr_t) 38 41 39 #allow zephyr_bin_t fs_t:filesystem associate; 42 allow zephyr_t self:process setsched; 43 allow zephyr_t self:capability { sys_admin sys_nice sys_tty_config };
Note: See TracChangeset
for help on using the changeset viewer.