diff options
Diffstat (limited to 'policy/modules/contrib/l2tp.te')
| -rw-r--r-- | policy/modules/contrib/l2tp.te | 94 |
1 files changed, 0 insertions, 94 deletions
diff --git a/policy/modules/contrib/l2tp.te b/policy/modules/contrib/l2tp.te deleted file mode 100644 index 19f2b97f4..000000000 --- a/policy/modules/contrib/l2tp.te +++ /dev/null @@ -1,94 +0,0 @@ -policy_module(l2tp, 1.0.5) - -######################################## -# -# Declarations -# - -type l2tpd_t; -type l2tpd_exec_t; -init_daemon_domain(l2tpd_t, l2tpd_exec_t) - -type l2tpd_initrc_exec_t; -init_script_file(l2tpd_initrc_exec_t) - -type l2tp_conf_t; -files_config_file(l2tp_conf_t) - -type l2tpd_tmp_t; -files_tmp_file(l2tpd_tmp_t) - -type l2tpd_var_run_t; -files_pid_file(l2tpd_var_run_t) - -######################################## -# -# Local policy -# - -allow l2tpd_t self:capability net_admin; -allow l2tpd_t self:process signal; -allow l2tpd_t self:fifo_file rw_fifo_file_perms; -allow l2tpd_t self:netlink_socket create_socket_perms; -allow l2tpd_t self:rawip_socket create_socket_perms; -allow l2tpd_t self:socket create_socket_perms; -allow l2tpd_t self:tcp_socket { accept listen }; -allow l2tpd_t self:unix_dgram_socket sendto; -allow l2tpd_t self:unix_stream_socket { accept listen }; - -read_files_pattern(l2tpd_t, l2tp_conf_t, l2tp_conf_t) - -manage_dirs_pattern(l2tpd_t, l2tpd_var_run_t, l2tpd_var_run_t) -manage_files_pattern(l2tpd_t, l2tpd_var_run_t, l2tpd_var_run_t) -manage_sock_files_pattern(l2tpd_t, l2tpd_var_run_t, l2tpd_var_run_t) -manage_fifo_files_pattern(l2tpd_t, l2tpd_var_run_t, l2tpd_var_run_t) -files_pid_filetrans(l2tpd_t, l2tpd_var_run_t, { dir file sock_file }) - -manage_sock_files_pattern(l2tpd_t, l2tpd_tmp_t, l2tpd_tmp_t) -files_tmp_filetrans(l2tpd_t, l2tpd_tmp_t, sock_file) - -corenet_all_recvfrom_unlabeled(l2tpd_t) -corenet_all_recvfrom_netlabel(l2tpd_t) -corenet_raw_sendrecv_generic_if(l2tpd_t) -corenet_tcp_sendrecv_generic_if(l2tpd_t) -corenet_udp_sendrecv_generic_if(l2tpd_t) -corenet_raw_bind_generic_node(l2tpd_t) -corenet_tcp_bind_generic_node(l2tpd_t) -corenet_udp_bind_generic_node(l2tpd_t) -corenet_raw_sendrecv_generic_node(l2tpd_t) -corenet_tcp_sendrecv_generic_node(l2tpd_t) -corenet_udp_sendrecv_generic_node(l2tpd_t) -corenet_tcp_sendrecv_all_ports(l2tpd_t) -corenet_udp_sendrecv_all_ports(l2tpd_t) - -corenet_sendrecv_all_server_packets(l2tpd_t) -corenet_tcp_bind_all_rpc_ports(l2tpd_t) -corenet_udp_bind_all_rpc_ports(l2tpd_t) - -corenet_udp_bind_l2tp_port(l2tpd_t) - -kernel_read_network_state(l2tpd_t) -kernel_read_system_state(l2tpd_t) -kernel_request_load_module(l2tpd_t) - -corecmd_exec_bin(l2tpd_t) - -dev_read_urand(l2tpd_t) - -files_read_etc_files(l2tpd_t) - -term_setattr_generic_ptys(l2tpd_t) -term_use_generic_ptys(l2tpd_t) -term_use_ptmx(l2tpd_t) - -logging_send_syslog_msg(l2tpd_t) - -miscfiles_read_localization(l2tpd_t) - -sysnet_dns_name_resolve(l2tpd_t) - -optional_policy(` - ppp_domtrans(l2tpd_t) - ppp_signal(l2tpd_t) - ppp_kill(l2tpd_t) -') |