Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/policy/modules/contrib/xguest.te
diff options
context:
space:
mode:
Diffstat (limited to 'policy/modules/contrib/xguest.te')
-rw-r--r--policy/modules/contrib/xguest.te171
1 files changed, 0 insertions, 171 deletions
diff --git a/policy/modules/contrib/xguest.te b/policy/modules/contrib/xguest.te
deleted file mode 100644
index 2882821a8..000000000
--- a/policy/modules/contrib/xguest.te
+++ /dev/null
@@ -1,171 +0,0 @@
-policy_module(xguest, 1.1.2)
-
-########################################
-#
-# Declarations
-#
-
-## <desc>
-## <p>
-## Determine whether xguest can
-## mount removable media.
-## </p>
-## </desc>
-gen_tunable(xguest_mount_media, false)
-
-## <desc>
-## <p>
-## Determine whether xguest can
-## configure network manager.
-## </p>
-## </desc>
-gen_tunable(xguest_connect_network, false)
-
-## <desc>
-## <p>
-## Determine whether xguest can
-## use blue tooth devices.
-## </p>
-## </desc>
-gen_tunable(xguest_use_bluetooth, false)
-
-role xguest_r;
-
-userdom_restricted_xwindows_user_template(xguest)
-
-########################################
-#
-# Local policy
-#
-
-kernel_dontaudit_request_load_module(xguest_t)
-
-ifndef(`enable_mls',`
- fs_exec_noxattr(xguest_t)
-
- tunable_policy(`user_rw_noexattrfile',`
- fs_manage_noxattr_fs_files(xguest_t)
- fs_manage_noxattr_fs_dirs(xguest_t)
- storage_raw_read_removable_device(xguest_t)
- storage_raw_write_removable_device(xguest_t)
- ',`
- storage_raw_read_removable_device(xguest_t)
- ')
-')
-
-optional_policy(`
- tunable_policy(`xguest_mount_media',`
- kernel_read_fs_sysctls(xguest_t)
-
- files_dontaudit_getattr_boot_dirs(xguest_t)
- files_search_mnt(xguest_t)
-
- fs_manage_noxattr_fs_files(xguest_t)
- fs_manage_noxattr_fs_dirs(xguest_t)
- fs_manage_noxattr_fs_dirs(xguest_t)
- fs_getattr_noxattr_fs(xguest_t)
- fs_read_noxattr_fs_symlinks(xguest_t)
-
- auth_list_pam_console_data(xguest_t)
-
- init_read_utmp(xguest_t)
- ')
-')
-
-optional_policy(`
- tunable_policy(`xguest_use_bluetooth',`
- bluetooth_dbus_chat(xguest_t)
- ')
-')
-
-optional_policy(`
- tunable_policy(`xguest_use_bluetooth',`
- blueman_dbus_chat(xguest_t)
- ')
-')
-
-optional_policy(`
- apache_role(xguest_r, xguest_t)
-')
-
-optional_policy(`
- gnomeclock_dontaudit_dbus_chat(xguest_t)
-')
-
-optional_policy(`
- hal_dbus_chat(xguest_t)
-')
-
-optional_policy(`
- java_role(xguest_r, xguest_t)
-')
-
-optional_policy(`
- mozilla_role(xguest_r, xguest_t)
-')
-
-optional_policy(`
- tunable_policy(`xguest_connect_network',`
- kernel_read_network_state(xguest_t)
-
- networkmanager_dbus_chat(xguest_t)
- networkmanager_read_lib_files(xguest_t)
-
- corenet_all_recvfrom_unlabeled(xguest_t)
- corenet_all_recvfrom_netlabel(xguest_t)
- corenet_tcp_sendrecv_generic_if(xguest_t)
- corenet_raw_sendrecv_generic_if(xguest_t)
- corenet_tcp_sendrecv_generic_node(xguest_t)
- corenet_raw_sendrecv_generic_node(xguest_t)
-
- corenet_sendrecv_pulseaudio_client_packets(xguest_t)
- corenet_tcp_connect_pulseaudio_port(xguest_t)
- corenet_tcp_sendrecv_pulseaudio_port(xguest_t)
-
- corenet_sendrecv_http_client_packets(xguest_t)
- corenet_tcp_connect_http_port(xguest_t)
- corenet_tcp_sendrecv_http_port(xguest_t)
-
- corenet_sendrecv_http_cache_client_packets(xguest_t)
- corenet_tcp_connect_http_cache_port(xguest_t)
- corenet_tcp_sendrecv_http_cache_port(xguest_t)
-
- corenet_sendrecv_squid_client_packets(xguest_t)
- corenet_tcp_connect_squid_port(xguest_t)
- corenet_tcp_sendrecv_squid_port(xguest_t)
-
- corenet_sendrecv_ftp_client_packets(xguest_t)
- corenet_tcp_connect_ftp_port(xguest_t)
- corenet_tcp_sendrecv_ftp_port(xguest_t)
-
- corenet_sendrecv_ipp_client_packets(xguest_t)
- corenet_tcp_connect_ipp_port(xguest_t)
- corenet_tcp_sendrecv_ipp_port(xguest_t)
-
- corenet_sendrecv_generic_client_packets(xguest_t)
- corenet_tcp_connect_generic_port(xguest_t)
- corenet_tcp_sendrecv_generic_port(xguest_t)
-
- corenet_sendrecv_soundd_client_packets(xguest_t)
- corenet_tcp_connect_soundd_port(xguest_t)
- corenet_tcp_sendrecv_soundd_port(xguest_t)
-
- corenet_sendrecv_speech_client_packets(xguest_t)
- corenet_tcp_connect_speech_port(xguest_t)
- corenet_tcp_sendrecv_speech_port(xguest_t)
-
- corenet_sendrecv_transproxy_client_packets(xguest_t)
- corenet_tcp_connect_transproxy_port(xguest_t)
- corenet_tcp_sendrecv_transproxy_port(xguest_t)
-
- corenet_dontaudit_tcp_sendrecv_generic_port(xguest_t)
- corenet_dontaudit_tcp_bind_generic_port(xguest_t)
- ')
-')
-
-optional_policy(`
- pcscd_read_pid_files(xguest_t)
- pcscd_stream_connect(xguest_t)
-')
-
-#gen_user(xguest_u,, xguest_r, s0, s0)