diff options
Diffstat (limited to 'policy/modules/contrib/dnssectrigger.if')
-rw-r--r-- | policy/modules/contrib/dnssectrigger.if | 42 |
1 files changed, 0 insertions, 42 deletions
diff --git a/policy/modules/contrib/dnssectrigger.if b/policy/modules/contrib/dnssectrigger.if deleted file mode 100644 index 456da5ce..00000000 --- a/policy/modules/contrib/dnssectrigger.if +++ /dev/null @@ -1,42 +0,0 @@ -## <summary>Enables DNSSEC protection for DNS traffic.</summary> - -######################################## -## <summary> -## All of the rules required to -## administrate an dnssec environment. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed access. -## </summary> -## </param> -## <param name="role"> -## <summary> -## Role allowed access. -## </summary> -## </param> -## <rolecap/> -# -interface(`dnssectrigger_admin',` - gen_require(` - type dnssec_triggerd_t, dnssec_triggerd_initrc_exec_t, dnssec_trigger_conf_t; - type dnssec_trigger_log_t, dnssec_triggerd_var_run_t; - ') - - allow $1 dnssec_triggerd_t:process { ptrace signal_perms }; - ps_process_pattern($1, dnssec_triggerd_t) - - init_labeled_script_domtrans($1, dnssec_triggerd_initrc_exec_t) - domain_system_change_exemption($1) - role_transition $2 dnssec_triggerd_initrc_exec_t system_r; - allow $2 system_r; - - files_search_etc($1) - admin_pattern($1, dnssec_trigger_conf_t) - - logging_search_logs($1) - admin_pattern($1, dnssec_trigger_log_t) - - files_search_pids($1) - admin_pattern($1, dnssec_triggerd_var_run_t) -') |