blob: 814d55931e3d21735cad8e2a74259c860997c112 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
## <summary>Policy for gorg</summary>
#######################################
## <summary>
## Role access for gorg
## </summary>
## <param name="role">
## <summary>
## Role allowed access
## </summary>
## </param>
## <param name="domain">
## <summary>
## User domain for the role
## </summary>
## </param>
#
interface(`gorg_role',`
gen_require(`
type gorg_t, gorg_exec_t;
')
role $1 types gorg_t;
domain_auto_trans($2, gorg_exec_t, gorg_t)
allow $2 gorg_t:process { noatsecure siginh rlimitinh };
allow gorg_t $2:fd use;
allow gorg_t $2:process { sigchld signull };
ps_process_pattern($2, gorg_t)
allow $2 gorg_t:process signal_perms;
# Needed for command-usage (pipe)
allow gorg_t $2:fifo_file write;
')
|
GitWeb
