]>
Commit | Line | Data |
---|---|---|
826d0142 | 1 | policy_module(unprivuser, 2.2.0) |
e9c6cda7 CP |
2 | |
3 | # this module should be named user, but that is | |
4 | # a compile error since user is a keyword. | |
5 | ||
6 | ######################################## | |
7 | # | |
8 | # Declarations | |
9 | # | |
10 | ||
11 | role user_r; | |
12 | ||
13 | userdom_unpriv_user_template(user) | |
14 | ||
3eaa9939 | 15 | fs_exec_noxattr(user_t) |
a6c4623b | 16 | fs_read_hugetlbfs_files(user_t) |
3eaa9939 | 17 | |
56dc5bdf DW |
18 | storage_read_scsi_generic(user_t) |
19 | storage_write_scsi_generic(user_t) | |
20 | ||
4d22fba0 | 21 | tunable_policy(`allow_execmod',` |
a6c4623b | 22 | userdom_execmod_user_home_files(user_t) |
4d22fba0 DW |
23 | ') |
24 | ||
4ad28653 | 25 | optional_policy(` |
0e7fbb58 | 26 | abrt_read_cache(user_t) |
4ad28653 DW |
27 | ') |
28 | ||
296273a7 CP |
29 | optional_policy(` |
30 | apache_role(user_r, user_t) | |
31 | ') | |
32 | ||
a3cfe808 | 33 | optional_policy(` |
eba77273 | 34 | blueman_dbus_chat(user_t) |
a3cfe808 DW |
35 | ') |
36 | ||
27608c5b DW |
37 | optional_policy(` |
38 | colord_dbus_chat(user_t) | |
39 | ') | |
40 | ||
ca9e8850 DW |
41 | optional_policy(` |
42 | gnome_role(user_r, user_t) | |
43 | ') | |
44 | ||
f8f030aa DG |
45 | optional_policy(` |
46 | irc_role(user_r, user_t) | |
47 | ') | |
48 | ||
941e3db5 DG |
49 | optional_policy(` |
50 | oident_manage_user_content(user_t) | |
51 | oident_relabel_user_content(user_t) | |
52 | ') | |
53 | ||
9a52a69e MG |
54 | optional_policy(` |
55 | mta_role(user_r, user_t) | |
56 | ') | |
57 | ||
27720a24 DW |
58 | optional_policy(` |
59 | netutils_run_ping_cond(user_t, user_r) | |
60 | netutils_run_traceroute_cond(user_t, user_r) | |
61 | ') | |
62 | ||
f1b7d092 DG |
63 | optional_policy(` |
64 | polipo_role(user_r, user_t) | |
65 | polipo_named_filetrans_cache_home_dirs(user_t) | |
66 | polipo_named_filetrans_config_home_files(user_t) | |
67 | ') | |
68 | ||
3eaa9939 DW |
69 | optional_policy(` |
70 | rpm_dontaudit_dbus_chat(user_t) | |
71 | ') | |
296273a7 | 72 | |
3eaa9939 DW |
73 | optional_policy(` |
74 | rtkit_scheduled(user_t) | |
75 | ') | |
296273a7 | 76 | |
3eaa9939 DW |
77 | optional_policy(` |
78 | sandbox_transition(user_t, user_r) | |
79 | ') | |
296273a7 | 80 | |
32c61288 | 81 | optional_policy(` |
4e857ebf | 82 | ssh_role_template(user, user_r, user_t) |
32c61288 MG |
83 | ') |
84 | ||
3eaa9939 DW |
85 | optional_policy(` |
86 | screen_role_template(user, user_r, user_t) | |
87 | ') | |
296273a7 | 88 | |
3eaa9939 | 89 | optional_policy(` |
14ffaf83 | 90 | setroubleshoot_dontaudit_stream_connect(user_t) |
3eaa9939 | 91 | ') |
296273a7 | 92 | |
3bf6566d | 93 | optional_policy(` |
94 | usbmuxd_stream_connect(user_t) | |
95 | ') | |
96 | ||
d35e2ee0 | 97 | optional_policy(` |
7f9f5bce | 98 | vlock_run(user_t, user_r) |
d35e2ee0 HC |
99 | ') |
100 | ||
3eaa9939 DW |
101 | optional_policy(` |
102 | xserver_role(user_r, user_t) | |
296273a7 | 103 | ') |
2968e068 DW |
104 | |
105 | ifndef(`distro_redhat',` | |
106 | optional_policy(` | |
107 | auth_role(user_r, user_t) | |
c87e1502 | 108 | ') |
2968e068 DW |
109 | |
110 | optional_policy(` | |
111 | bluetooth_role(user_r, user_t) | |
112 | ') | |
113 | ||
114 | optional_policy(` | |
115 | cdrecord_role(user_r, user_t) | |
116 | ') | |
117 | ||
118 | optional_policy(` | |
119 | cron_role(user_r, user_t) | |
120 | ') | |
121 | ||
122 | optional_policy(` | |
123 | dbus_role_template(user, user_r, user_t) | |
124 | ') | |
296273a7 | 125 | |
2968e068 DW |
126 | optional_policy(` |
127 | gpg_role(user_r, user_t) | |
128 | ') | |
129 | ||
fcb67e8c | 130 | optional_policy(` |
f8f030aa | 131 | hadoop_role(user_r, user_t) |
2968e068 DW |
132 | ') |
133 | ||
134 | optional_policy(` | |
135 | java_role(user_r, user_t) | |
136 | ') | |
137 | ||
138 | optional_policy(` | |
139 | lockdev_role(user_r, user_t) | |
140 | ') | |
141 | ||
142 | optional_policy(` | |
143 | lpd_role(user_r, user_t) | |
144 | ') | |
145 | ||
146 | optional_policy(` | |
147 | mozilla_role(user_r, user_t) | |
148 | ') | |
149 | ||
150 | optional_policy(` | |
151 | mplayer_role(user_r, user_t) | |
152 | ') | |
153 | ||
2968e068 DW |
154 | optional_policy(` |
155 | postgresql_role(user_r, user_t) | |
156 | ') | |
157 | ||
158 | optional_policy(` | |
159 | pyzor_role(user_r, user_t) | |
160 | ') | |
161 | ||
162 | optional_policy(` | |
163 | razor_role(user_r, user_t) | |
164 | ') | |
165 | ||
166 | optional_policy(` | |
167 | rssh_role(user_r, user_t) | |
168 | ') | |
169 | ||
170 | optional_policy(` | |
171 | spamassassin_role(user_r, user_t) | |
172 | ') | |
173 | ||
2968e068 DW |
174 | optional_policy(` |
175 | su_role_template(user, user_r, user_t) | |
176 | ') | |
177 | ||
178 | optional_policy(` | |
179 | sudo_role_template(user, user_r, user_t) | |
180 | ') | |
181 | ||
182 | optional_policy(` | |
183 | thunderbird_role(user_r, user_t) | |
184 | ') | |
185 | ||
186 | optional_policy(` | |
187 | tvtime_role(user_r, user_t) | |
188 | ') | |
189 | ||
190 | optional_policy(` | |
191 | uml_role(user_r, user_t) | |
192 | ') | |
193 | ||
194 | optional_policy(` | |
195 | userhelper_role_template(user, user_r, user_t) | |
196 | ') | |
197 | ||
198 | optional_policy(` | |
199 | vmware_role(user_r, user_t) | |
200 | ') | |
201 | ||
202 | optional_policy(` | |
203 | wireshark_role(user_r, user_t) | |
204 | ') | |
205 | ') | |
27720a24 | 206 |