Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/policy/modules/contrib/ulogd.if
diff options
context:
space:
mode:
Diffstat (limited to 'policy/modules/contrib/ulogd.if')
-rw-r--r--policy/modules/contrib/ulogd.if142
1 files changed, 0 insertions, 142 deletions
diff --git a/policy/modules/contrib/ulogd.if b/policy/modules/contrib/ulogd.if
deleted file mode 100644
index 9b95c3ef..00000000
--- a/policy/modules/contrib/ulogd.if
+++ /dev/null
@@ -1,142 +0,0 @@
-## <summary>Iptables/netfilter userspace logging daemon.</summary>
-
-########################################
-## <summary>
-## Execute a domain transition to run ulogd.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed to transition.
-## </summary>
-## </param>
-#
-interface(`ulogd_domtrans',`
- gen_require(`
- type ulogd_t, ulogd_exec_t;
- ')
-
- corecmd_search_bin($1)
- domtrans_pattern($1, ulogd_exec_t, ulogd_t)
-')
-
-########################################
-## <summary>
-## Read ulogd configuration files.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <rolecap/>
-#
-interface(`ulogd_read_config',`
- gen_require(`
- type ulogd_etc_t;
- ')
-
- files_search_etc($1)
- read_files_pattern($1, ulogd_etc_t, ulogd_etc_t)
-')
-
-########################################
-## <summary>
-## Read ulogd log files.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <rolecap/>
-#
-interface(`ulogd_read_log',`
- gen_require(`
- type ulogd_var_log_t;
- ')
-
- logging_search_logs($1)
- allow $1 ulogd_var_log_t:dir list_dir_perms;
- read_files_pattern($1, ulogd_var_log_t, ulogd_var_log_t)
-')
-
-#######################################
-## <summary>
-## Search ulogd log files.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`ulogd_search_log',`
- gen_require(`
- type ulogd_var_log_t;
- ')
-
- logging_search_logs($1)
- allow $1 ulogd_var_log_t:dir search_dir_perms;
-')
-
-########################################
-## <summary>
-## Append to ulogd log files.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <rolecap/>
-#
-interface(`ulogd_append_log',`
- gen_require(`
- type ulogd_var_log_t;
- ')
-
- logging_search_logs($1)
- allow $1 ulogd_var_log_t:dir list_dir_perms;
- allow $1 ulogd_var_log_t:file append_file_perms;
-')
-
-########################################
-## <summary>
-## All of the rules required to
-## administrate an ulogd environment.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="role">
-## <summary>
-## Role allowed access.
-## </summary>
-## </param>
-## <rolecap/>
-#
-interface(`ulogd_admin',`
- gen_require(`
- type ulogd_t, ulogd_etc_t, ulogd_modules_t;
- type ulogd_var_log_t, ulogd_initrc_exec_t;
- ')
-
- allow $1 ulogd_t:process { ptrace signal_perms };
- ps_process_pattern($1, ulogd_t)
-
- init_labeled_script_domtrans($1, ulogd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 ulogd_initrc_exec_t system_r;
- allow $2 system_r;
-
- files_list_etc($1)
- admin_pattern($1, ulogd_etc_t)
-
- logging_list_logs($1)
- admin_pattern($1, ulogd_var_log_t)
-
- files_list_usr($1)
- admin_pattern($1, ulogd_modules_t)
-')