diff options
Diffstat (limited to 'policy/modules/kernel/corecommands.te')
| -rw-r--r-- | policy/modules/kernel/corecommands.te | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/policy/modules/kernel/corecommands.te b/policy/modules/kernel/corecommands.te new file mode 100644 index 00000000..4fc5a9cb --- /dev/null +++ b/policy/modules/kernel/corecommands.te @@ -0,0 +1,27 @@ +policy_module(corecommands, 1.16.0) + +######################################## +# +# Declarations +# + +# +# Types with the exec_type attribute are executable files. +# +attribute exec_type; + +# +# bin_t is the type of files in the system bin/sbin directories. +# +type bin_t alias { ls_exec_t sbin_t }; +corecmd_executable_file(bin_t) +dev_associate(bin_t) #For /dev/MAKEDEV + +# +# shell_exec_t is the type of user shells such as /bin/bash. +# +type shell_exec_t; +corecmd_executable_file(shell_exec_t) + +type chroot_exec_t; +corecmd_executable_file(chroot_exec_t) |