Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/policy/modules/contrib/shorewall.te
diff options
context:
space:
mode:
Diffstat (limited to 'policy/modules/contrib/shorewall.te')
-rw-r--r--policy/modules/contrib/shorewall.te114
1 files changed, 0 insertions, 114 deletions
diff --git a/policy/modules/contrib/shorewall.te b/policy/modules/contrib/shorewall.te
deleted file mode 100644
index ca03de614..000000000
--- a/policy/modules/contrib/shorewall.te
+++ /dev/null
@@ -1,114 +0,0 @@
-policy_module(shorewall, 1.3.5)
-
-########################################
-#
-# Declarations
-#
-
-type shorewall_t;
-type shorewall_exec_t;
-init_daemon_domain(shorewall_t, shorewall_exec_t)
-
-type shorewall_initrc_exec_t;
-init_script_file(shorewall_initrc_exec_t)
-
-type shorewall_etc_t;
-files_config_file(shorewall_etc_t)
-
-type shorewall_lock_t;
-files_lock_file(shorewall_lock_t)
-
-type shorewall_tmp_t;
-files_tmp_file(shorewall_tmp_t)
-
-type shorewall_var_lib_t;
-domain_entry_file(shorewall_t, shorewall_var_lib_t)
-
-type shorewall_log_t;
-logging_log_file(shorewall_log_t)
-
-########################################
-#
-# Local policy
-#
-
-allow shorewall_t self:capability { dac_override net_admin net_raw setuid setgid sys_nice sys_admin };
-dontaudit shorewall_t self:capability sys_tty_config;
-allow shorewall_t self:fifo_file rw_fifo_file_perms;
-allow shorewall_t self:netlink_socket create_socket_perms;
-
-read_files_pattern(shorewall_t, shorewall_etc_t, shorewall_etc_t)
-list_dirs_pattern(shorewall_t, shorewall_etc_t, shorewall_etc_t)
-
-manage_files_pattern(shorewall_t, shorewall_lock_t, shorewall_lock_t)
-files_lock_filetrans(shorewall_t, shorewall_lock_t, file)
-
-manage_dirs_pattern(shorewall_t, shorewall_log_t, shorewall_log_t)
-append_files_pattern(shorewall_t, shorewall_log_t, shorewall_log_t)
-create_files_pattern(shorewall_t, shorewall_log_t, shorewall_log_t)
-setattr_files_pattern(shorewall_t, shorewall_log_t, shorewall_log_t)
-logging_log_filetrans(shorewall_t, shorewall_log_t, { file dir })
-
-manage_dirs_pattern(shorewall_t, shorewall_tmp_t, shorewall_tmp_t)
-manage_files_pattern(shorewall_t, shorewall_tmp_t, shorewall_tmp_t)
-files_tmp_filetrans(shorewall_t, shorewall_tmp_t, { file dir })
-
-exec_files_pattern(shorewall_t, shorewall_var_lib_t, shorewall_var_lib_t)
-manage_dirs_pattern(shorewall_t, shorewall_var_lib_t, shorewall_var_lib_t)
-manage_files_pattern(shorewall_t, shorewall_var_lib_t, shorewall_var_lib_t)
-files_var_lib_filetrans(shorewall_t, shorewall_var_lib_t, { dir file })
-
-allow shorewall_t shorewall_initrc_exec_t:file read_file_perms;
-
-kernel_read_kernel_sysctls(shorewall_t)
-kernel_read_network_state(shorewall_t)
-kernel_read_system_state(shorewall_t)
-kernel_rw_net_sysctls(shorewall_t)
-
-corecmd_exec_bin(shorewall_t)
-corecmd_exec_shell(shorewall_t)
-
-dev_read_sysfs(shorewall_t)
-dev_read_urand(shorewall_t)
-
-domain_read_all_domains_state(shorewall_t)
-
-files_getattr_kernel_modules(shorewall_t)
-files_read_usr_files(shorewall_t)
-files_search_kernel_modules(shorewall_t)
-
-fs_getattr_all_fs(shorewall_t)
-
-auth_use_nsswitch(shorewall_t)
-
-init_rw_utmp(shorewall_t)
-
-logging_read_generic_logs(shorewall_t)
-logging_send_syslog_msg(shorewall_t)
-
-miscfiles_read_localization(shorewall_t)
-
-sysnet_domtrans_ifconfig(shorewall_t)
-
-userdom_dontaudit_list_user_home_dirs(shorewall_t)
-userdom_use_user_terminals(shorewall_t)
-
-optional_policy(`
- brctl_domtrans(shorewall_t)
-')
-
-optional_policy(`
- hostname_exec(shorewall_t)
-')
-
-optional_policy(`
- iptables_domtrans(shorewall_t)
-')
-
-optional_policy(`
- modutils_domtrans_insmod(shorewall_t)
-')
-
-optional_policy(`
- ulogd_search_log(shorewall_t)
-')