Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/policy/modules/services/mysql.fc
diff options
context:
space:
mode:
authorChris PeBenito <pebenito@ieee.org>2018-06-23 10:38:58 -0400
committerJason Zaman <jason@perfinion.com>2018-06-24 16:33:24 +0800
commit751926c0fbba4bf7105622ee65888b66740847a0 (patch)
tree6bbdd39cd5becdddc8e4cbc41332c383874c7972 /policy/modules/services/mysql.fc
parentxdg: move compat interfaces to upstream xdg module (diff)
downloadhardened-refpolicy-751926c0fbba4bf7105622ee65888b66740847a0.tar.gz
hardened-refpolicy-751926c0fbba4bf7105622ee65888b66740847a0.tar.bz2
hardened-refpolicy-751926c0fbba4bf7105622ee65888b66740847a0.zip
Move all files out of the old contrib directory.
Diffstat (limited to 'policy/modules/services/mysql.fc')
-rw-r--r--policy/modules/services/mysql.fc37
1 files changed, 37 insertions, 0 deletions
diff --git a/policy/modules/services/mysql.fc b/policy/modules/services/mysql.fc
new file mode 100644
index 00000000..8213e53c
--- /dev/null
+++ b/policy/modules/services/mysql.fc
@@ -0,0 +1,37 @@
+HOME_DIR/\.my\.cnf -- gen_context(system_u:object_r:mysqld_home_t,s0)
+
+/etc/my\.cnf -- gen_context(system_u:object_r:mysqld_etc_t,s0)
+/etc/my\.cnf\.d(/.*)? gen_context(system_u:object_r:mysqld_etc_t,s0)
+/etc/mysql(/.*)? gen_context(system_u:object_r:mysqld_etc_t,s0)
+
+/etc/rc\.d/init\.d/mysqld? -- gen_context(system_u:object_r:mysqld_initrc_exec_t,s0)
+/etc/rc\.d/init\.d/mysqlmanager -- gen_context(system_u:object_r:mysqlmanagerd_initrc_exec_t,s0)
+
+/usr/bin/mysqld(-max)? -- gen_context(system_u:object_r:mysqld_exec_t,s0)
+/usr/bin/mysqld_safe -- gen_context(system_u:object_r:mysqld_safe_exec_t,s0)
+/usr/bin/mysql_upgrade -- gen_context(system_u:object_r:mysqld_exec_t,s0)
+/usr/bin/mysqlmanager -- gen_context(system_u:object_r:mysqlmanagerd_exec_t,s0)
+/usr/bin/ndbd -- gen_context(system_u:object_r:mysqld_exec_t,s0)
+
+/usr/lib/systemd/system/mysqld.*\.service -- gen_context(system_u:object_r:mysqld_unit_t,s0)
+
+/usr/libexec/mysqld -- gen_context(system_u:object_r:mysqld_exec_t,s0)
+
+/usr/sbin/mysqld(-max)? -- gen_context(system_u:object_r:mysqld_exec_t,s0)
+/usr/sbin/mysqlmanager -- gen_context(system_u:object_r:mysqlmanagerd_exec_t,s0)
+/usr/sbin/ndbd -- gen_context(system_u:object_r:mysqld_exec_t,s0)
+
+/var/lib/mysql(/.*)? gen_context(system_u:object_r:mysqld_db_t,s0)
+/var/lib/mysql/mysql.* -s gen_context(system_u:object_r:mysqld_var_run_t,s0)
+
+/var/log/mariadb(/.*)? gen_context(system_u:object_r:mysqld_log_t,s0)
+/var/log/mysql.* -- gen_context(system_u:object_r:mysqld_log_t,s0)
+
+/run/mysqld.* gen_context(system_u:object_r:mysqld_var_run_t,s0)
+/run/mysqlmanager.* -- gen_context(system_u:object_r:mysqlmanagerd_var_run_t,s0)
+/run/mysqld/mysqlmanager.* -- gen_context(system_u:object_r:mysqlmanagerd_var_run_t,s0)
+
+
+ifdef(`distro_gentoo',`
+/usr/share/mysql/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)
+')