Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/policy/modules/contrib/certmaster.te
diff options
context:
space:
mode:
Diffstat (limited to 'policy/modules/contrib/certmaster.te')
-rw-r--r--policy/modules/contrib/certmaster.te75
1 files changed, 0 insertions, 75 deletions
diff --git a/policy/modules/contrib/certmaster.te b/policy/modules/contrib/certmaster.te
deleted file mode 100644
index bf82163b4..000000000
--- a/policy/modules/contrib/certmaster.te
+++ /dev/null
@@ -1,75 +0,0 @@
-policy_module(certmaster, 1.2.1)
-
-########################################
-#
-# Declarations
-#
-
-type certmaster_t;
-type certmaster_exec_t;
-init_daemon_domain(certmaster_t, certmaster_exec_t)
-
-type certmaster_initrc_exec_t;
-init_script_file(certmaster_initrc_exec_t)
-
-type certmaster_etc_rw_t;
-files_type(certmaster_etc_rw_t)
-
-type certmaster_var_lib_t;
-files_type(certmaster_var_lib_t)
-
-type certmaster_var_log_t;
-logging_log_file(certmaster_var_log_t)
-
-type certmaster_var_run_t;
-files_pid_file(certmaster_var_run_t)
-
-###########################################
-#
-# Local policy
-#
-
-allow certmaster_t self:capability { dac_read_search dac_override sys_tty_config };
-allow certmaster_t self:tcp_socket { accept listen };
-
-list_dirs_pattern(certmaster_t, certmaster_etc_rw_t, certmaster_etc_rw_t)
-manage_files_pattern(certmaster_t, certmaster_etc_rw_t, certmaster_etc_rw_t)
-
-manage_files_pattern(certmaster_t, certmaster_var_lib_t, certmaster_var_lib_t)
-manage_dirs_pattern(certmaster_t, certmaster_var_lib_t, certmaster_var_lib_t)
-files_var_lib_filetrans(certmaster_t, certmaster_var_lib_t, { dir file })
-
-append_files_pattern(certmaster_t, certmaster_var_log_t, certmaster_var_log_t)
-create_files_pattern(certmaster_t, certmaster_var_log_t, certmaster_var_log_t)
-setattr_files_pattern(certmaster_t, certmaster_var_log_t, certmaster_var_log_t)
-logging_log_filetrans(certmaster_t, certmaster_var_log_t, file )
-
-manage_files_pattern(certmaster_t, certmaster_var_run_t, certmaster_var_run_t)
-manage_sock_files_pattern(certmaster_t, certmaster_var_run_t, certmaster_var_run_t)
-files_pid_filetrans(certmaster_t ,certmaster_var_run_t, { file sock_file })
-
-kernel_read_system_state(certmaster_t)
-
-corecmd_exec_bin(certmaster_t)
-
-corenet_all_recvfrom_unlabeled(certmaster_t)
-corenet_all_recvfrom_netlabel(certmaster_t)
-corenet_tcp_sendrecv_generic_if(certmaster_t)
-corenet_tcp_sendrecv_generic_node(certmaster_t)
-corenet_tcp_bind_generic_node(certmaster_t)
-
-corenet_sendrecv_certmaster_server_packets(certmaster_t)
-corenet_tcp_bind_certmaster_port(certmaster_t)
-corenet_tcp_sendrecv_certmaster_port(certmaster_t)
-
-dev_read_urand(certmaster_t)
-
-files_list_var(certmaster_t)
-files_search_etc(certmaster_t)
-files_read_usr_files(certmaster_t)
-
-auth_use_nsswitch(certmaster_t)
-
-miscfiles_read_localization(certmaster_t)
-miscfiles_manage_generic_cert_dirs(certmaster_t)
-miscfiles_manage_generic_cert_files(certmaster_t)