diff options
Diffstat (limited to 'policy/modules/contrib/screen.if')
-rw-r--r-- | policy/modules/contrib/screen.if | 89 |
1 files changed, 0 insertions, 89 deletions
diff --git a/policy/modules/contrib/screen.if b/policy/modules/contrib/screen.if deleted file mode 100644 index c21ddcce..00000000 --- a/policy/modules/contrib/screen.if +++ /dev/null @@ -1,89 +0,0 @@ -## <summary>GNU terminal multiplexer.</summary> - -####################################### -## <summary> -## The role template for the screen module. -## </summary> -## <param name="role_prefix"> -## <summary> -## The prefix of the user role (e.g., user -## is the prefix for user_r). -## </summary> -## </param> -## <param name="user_role"> -## <summary> -## The role associated with the user domain. -## </summary> -## </param> -## <param name="user_domain"> -## <summary> -## The type of the user domain. -## </summary> -## </param> -# -template(`screen_role_template',` - gen_require(` - attribute screen_domain; - attribute_role screen_roles; - type screen_exec_t, screen_tmp_t; - type screen_home_t, screen_var_run_t; - ') - - ######################################## - # - # Declarations - # - - type $1_screen_t, screen_domain; - userdom_user_application_domain($1_screen_t, screen_exec_t) - domain_interactive_fd($1_screen_t) - role screen_roles types $1_screen_t; - - roleattribute $2 screen_roles; - - ######################################## - # - # Local policy - # - - domtrans_pattern($3, screen_exec_t, $1_screen_t) - - ps_process_pattern($3, $1_screen_t) - allow $3 $1_screen_t:process { ptrace signal_perms }; - - dontaudit $3 $1_screen_t:unix_stream_socket { read write }; - allow $1_screen_t $3:process signal; - - allow $3 screen_tmp_t:dir { manage_dir_perms relabel_dir_perms }; - allow $3 screen_tmp_t:file { manage_file_perms relabel_file_perms }; - allow $3 screen_tmp_t:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms }; - - allow $3 screen_home_t:dir { manage_dir_perms relabel_dir_perms }; - allow $3 screen_home_t:file { manage_file_perms relabel_file_perms }; - allow $3 screen_home_t:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms }; - allow $3 screen_home_t:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms }; - - userdom_user_home_dir_filetrans($3, screen_home_t, dir, ".screen") - userdom_user_home_dir_filetrans($3, screen_home_t, file, ".screenrc") - - manage_dirs_pattern($3, screen_var_run_t, screen_var_run_t) - manage_files_pattern($3, screen_var_run_t, screen_var_run_t) - manage_lnk_files_pattern($3, screen_var_run_t, screen_var_run_t) - manage_fifo_files_pattern($3, screen_var_run_t, screen_var_run_t) - - corecmd_bin_domtrans($1_screen_t, $3) - corecmd_shell_domtrans($1_screen_t, $3) - - auth_domtrans_chk_passwd($1_screen_t) - auth_use_nsswitch($1_screen_t) - - userdom_user_home_domtrans($1_screen_t, $3) - - tunable_policy(`use_samba_home_dirs',` - fs_cifs_domtrans($1_screen_t, $3) - ') - - tunable_policy(`use_nfs_home_dirs',` - fs_nfs_domtrans($1_screen_t, $3) - ') -') |