diff options
Diffstat (limited to 'policy/modules/contrib/mandb.if')
-rw-r--r-- | policy/modules/contrib/mandb.if | 135 |
1 files changed, 0 insertions, 135 deletions
diff --git a/policy/modules/contrib/mandb.if b/policy/modules/contrib/mandb.if deleted file mode 100644 index 327f3f726..000000000 --- a/policy/modules/contrib/mandb.if +++ /dev/null @@ -1,135 +0,0 @@ -## <summary>On-line manual database.</summary> - -######################################## -## <summary> -## Execute the mandb program in -## the mandb domain. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed to transition. -## </summary> -## </param> -# -interface(`mandb_domtrans',` - gen_require(` - type mandb_t, mandb_exec_t; - ') - - corecmd_search_bin($1) - domtrans_pattern($1, mandb_exec_t, mandb_t) -') - -######################################## -## <summary> -## Execute mandb in the mandb -## domain, and allow the specified -## role the mandb domain. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed to transition. -## </summary> -## </param> -## <param name="role"> -## <summary> -## Role allowed access. -## </summary> -## </param> -# -interface(`mandb_run',` - gen_require(` - attribute_role mandb_roles; - ') - - lightsquid_domtrans($1) - roleattribute $2 mandb_roles; -') - -######################################## -## <summary> -## Search mandb cache directories. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed access. -## </summary> -## </param> -# -interface(`mandb_search_cache',` - refpolicywarn(`$0($*) has been deprecated') -') - -######################################## -## <summary> -## Delete mandb cache content. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed access. -## </summary> -## </param> -# -interface(`mandb_delete_cache_content',` - refpolicywarn(`$0($*) has been deprecated') -') - -######################################## -## <summary> -## Read mandb cache content. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed access. -## </summary> -## </param> -# -interface(`mandb_read_cache_content',` - refpolicywarn(`$0($*) has been deprecated') -') - -######################################## -## <summary> -## Create, read, write, and delete -## mandb cache files. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed access. -## </summary> -## </param> -# -interface(`mandb_manage_cache_content',` - refpolicywarn(`$0($*) has been deprecated') -') - -######################################## -## <summary> -## All of the rules required to -## administrate an mandb environment. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed access. -## </summary> -## </param> -## <param name="role"> -## <summary> -## Role allowed access. -## </summary> -## </param> -## <rolecap/> -# -interface(`mandb_admin',` - gen_require(` - type mandb_t, mandb_cache_t; - ') - - allow $1 mandb_t:process { ptrace signal_perms }; - ps_process_pattern($1, mandb_t) - - mandb_run($1, $2) - - # pending - # miscfiles_manage_man_cache_content(mandb_t) -') |