]>
Commit | Line | Data |
---|---|---|
d5048bc7 | 1 | policy_module(sysadm, 2.2.1) |
e9c6cda7 CP |
2 | |
3 | ######################################## | |
4 | # | |
5 | # Declarations | |
6 | # | |
7 | ||
8 | ## <desc> | |
9 | ## <p> | |
10 | ## Allow sysadm to debug or ptrace all processes. | |
11 | ## </p> | |
12 | ## </desc> | |
0bfccda4 | 13 | gen_tunable(allow_ptrace, false) |
e9c6cda7 CP |
14 | |
15 | role sysadm_r; | |
16 | ||
17 | userdom_admin_user_template(sysadm) | |
18 | ||
19 | ifndef(`enable_mls',` | |
296273a7 | 20 | userdom_security_admin_template(sysadm_t, sysadm_r) |
e9c6cda7 CP |
21 | ') |
22 | ||
23 | ######################################## | |
24 | # | |
25 | # Local policy | |
26 | # | |
2968e068 | 27 | kernel_read_fs_sysctls(sysadm_t) |
e9c6cda7 CP |
28 | |
29 | corecmd_exec_shell(sysadm_t) | |
30 | ||
3eaa9939 DW |
31 | domain_dontaudit_read_all_domains_state(sysadm_t) |
32 | ||
2968e068 DW |
33 | files_read_kernel_modules(sysadm_t) |
34 | ||
65f784aa DW |
35 | dev_filetrans_all_named_dev(sysadm_t) |
36 | storage_filetrans_all_named_dev(sysadm_t) | |
37 | term_filetrans_all_named_dev(sysadm_t) | |
72eaebd0 | 38 | |
e9c6cda7 | 39 | mls_process_read_up(sysadm_t) |
3eaa9939 DW |
40 | mls_file_read_to_clearance(sysadm_t) |
41 | mls_process_write_to_clearance(sysadm_t) | |
e9c6cda7 | 42 | |
77b776ea DW |
43 | storage_setattr_fixed_disk_dev(sysadm_t) |
44 | ||
296273a7 CP |
45 | ubac_process_exempt(sysadm_t) |
46 | ubac_file_exempt(sysadm_t) | |
47 | ubac_fd_exempt(sysadm_t) | |
48 | ||
3eaa9939 DW |
49 | application_exec(sysadm_t) |
50 | ||
e9c6cda7 | 51 | init_exec(sysadm_t) |
3eaa9939 DW |
52 | init_exec_script_files(sysadm_t) |
53 | init_dbus_chat(sysadm_t) | |
2968e068 DW |
54 | init_script_role_transition(sysadm_r) |
55 | ||
91a6f708 | 56 | miscfiles_filetrans_named_content(sysadm_t) |
2968e068 | 57 | miscfiles_read_hwdata(sysadm_t) |
e9c6cda7 | 58 | |
9c7e72de | 59 | sysnet_filetrans_named_content(sysadm_t) |
72eaebd0 | 60 | |
296273a7 CP |
61 | # Add/remove user home directories |
62 | userdom_manage_user_home_dirs(sysadm_t) | |
63 | userdom_home_filetrans_user_home_dir(sysadm_t) | |
2010eb96 | 64 | userdom_manage_tmp_role(sysadm_r, sysadm_t) |
e9c6cda7 | 65 | |
76d53813 | 66 | optional_policy(` |
5b3ec473 | 67 | alsa_filetrans_named_content(sysadm_t) |
76d53813 DW |
68 | ') |
69 | ||
72eaebd0 | 70 | optional_policy(` |
a11cc065 | 71 | ssh_filetrans_admin_home_content(sysadm_t) |
72eaebd0 DW |
72 | ') |
73 | ||
e9c6cda7 CP |
74 | ifdef(`direct_sysadm_daemon',` |
75 | optional_policy(` | |
296273a7 | 76 | init_run_daemon(sysadm_t, sysadm_r) |
e9c6cda7 CP |
77 | ') |
78 | ',` | |
79 | ifdef(`distro_gentoo',` | |
80 | optional_policy(` | |
296273a7 | 81 | seutil_init_script_run_runinit(sysadm_t, sysadm_r) |
e9c6cda7 CP |
82 | ') |
83 | ') | |
84 | ') | |
85 | ||
86 | ifndef(`enable_mls',` | |
87 | logging_manage_audit_log(sysadm_t) | |
88 | logging_manage_audit_config(sysadm_t) | |
296273a7 | 89 | logging_run_auditctl(sysadm_t, sysadm_r) |
3eaa9939 | 90 | logging_stream_connect_syslog(sysadm_t) |
e9c6cda7 CP |
91 | ') |
92 | ||
93 | tunable_policy(`allow_ptrace',` | |
94 | domain_ptrace_all_domains(sysadm_t) | |
95 | ') | |
96 | ||
97 | optional_policy(` | |
296273a7 | 98 | amanda_run_recover(sysadm_t, sysadm_r) |
e9c6cda7 CP |
99 | ') |
100 | ||
101 | optional_policy(` | |
296273a7 | 102 | apache_run_helper(sysadm_t, sysadm_r) |
3ad2a285 | 103 | apache_filetrans_home_content(sysadm_t) |
e9c6cda7 CP |
104 | #apache_run_all_scripts(sysadm_t, sysadm_r) |
105 | #apache_domtrans_sys_script(sysadm_t) | |
106 | ') | |
107 | ||
108 | optional_policy(` | |
109 | # cjp: why is this not apm_run_client | |
110 | apm_domtrans_client(sysadm_t) | |
111 | ') | |
112 | ||
113 | optional_policy(` | |
296273a7 CP |
114 | apt_run(sysadm_t, sysadm_r) |
115 | ') | |
116 | ||
117 | optional_policy(` | |
118 | auditadm_role_change(sysadm_r) | |
119 | ') | |
120 | ||
296273a7 CP |
121 | optional_policy(` |
122 | backup_run(sysadm_t, sysadm_r) | |
e9c6cda7 CP |
123 | ') |
124 | ||
125 | optional_policy(` | |
296273a7 | 126 | bind_run_ndc(sysadm_t, sysadm_r) |
e9c6cda7 CP |
127 | ') |
128 | ||
e9c6cda7 | 129 | optional_policy(` |
296273a7 | 130 | bootloader_run(sysadm_t, sysadm_r) |
e9c6cda7 CP |
131 | ') |
132 | ||
3eaa9939 DW |
133 | optional_policy(` |
134 | certmonger_dbus_chat(sysadm_t) | |
135 | ') | |
136 | ||
e9c6cda7 | 137 | optional_policy(` |
296273a7 | 138 | certwatch_run(sysadm_t, sysadm_r) |
e9c6cda7 CP |
139 | ') |
140 | ||
141 | optional_policy(` | |
296273a7 | 142 | clock_run(sysadm_t, sysadm_r) |
e9c6cda7 CP |
143 | ') |
144 | ||
145 | optional_policy(` | |
296273a7 | 146 | clockspeed_run_cli(sysadm_t, sysadm_r) |
e9c6cda7 CP |
147 | ') |
148 | ||
0351e043 DW |
149 | optional_policy(` |
150 | cron_admin_role(sysadm_r, sysadm_t) | |
151 | ') | |
152 | ||
e9c6cda7 | 153 | optional_policy(` |
296273a7 | 154 | consoletype_run(sysadm_t, sysadm_r) |
e9c6cda7 CP |
155 | ') |
156 | ||
3eaa9939 DW |
157 | optional_policy(` |
158 | daemonstools_run_start(sysadm_t, sysadm_r) | |
e9c6cda7 CP |
159 | ') |
160 | ||
4ec3fa73 DW |
161 | optional_policy(` |
162 | dbus_role_template(sysadm, sysadm_r, sysadm_t) | |
163 | ') | |
164 | ||
e9c6cda7 | 165 | optional_policy(` |
296273a7 CP |
166 | dcc_run_cdcc(sysadm_t, sysadm_r) |
167 | dcc_run_client(sysadm_t, sysadm_r) | |
168 | dcc_run_dbclean(sysadm_t, sysadm_r) | |
169 | ') | |
170 | ||
4ad28653 | 171 | optional_policy(` |
4ec3fa73 | 172 | ddcprobe_run(sysadm_t, sysadm_r) |
4ad28653 DW |
173 | ') |
174 | ||
296273a7 | 175 | optional_policy(` |
d6091320 | 176 | devicekit_filetrans_named_content(sysadm_t) |
e9c6cda7 CP |
177 | ') |
178 | ||
179 | optional_policy(` | |
180 | dmesg_exec(sysadm_t) | |
181 | ') | |
182 | ||
183 | optional_policy(` | |
296273a7 CP |
184 | dmidecode_run(sysadm_t, sysadm_r) |
185 | ') | |
186 | ||
187 | optional_policy(` | |
188 | dpkg_run(sysadm_t, sysadm_r) | |
e9c6cda7 CP |
189 | ') |
190 | ||
e9c6cda7 | 191 | optional_policy(` |
296273a7 | 192 | firstboot_run(sysadm_t, sysadm_r) |
e9c6cda7 CP |
193 | ') |
194 | ||
195 | optional_policy(` | |
296273a7 | 196 | fstools_run(sysadm_t, sysadm_r) |
e9c6cda7 CP |
197 | ') |
198 | ||
296273a7 CP |
199 | optional_policy(` |
200 | hostname_run(sysadm_t, sysadm_r) | |
e9c6cda7 CP |
201 | ') |
202 | ||
bc71a042 | 203 | optional_policy(` |
641ac054 | 204 | hadoop_role(sysadm_r, sysadm_t) |
bc71a042 PN |
205 | ') |
206 | ||
e9c6cda7 CP |
207 | optional_policy(` |
208 | # allow system administrator to use the ipsec script to look | |
209 | # at things (e.g., ipsec auto --status) | |
210 | # probably should create an ipsec_admin role for this kind of thing | |
211 | ipsec_exec_mgmt(sysadm_t) | |
212 | ipsec_stream_connect(sysadm_t) | |
213 | # for lsof | |
214 | ipsec_getattr_key_sockets(sysadm_t) | |
3eaa9939 DW |
215 | ipsec_run_setkey(sysadm_t, sysadm_r) |
216 | ipsec_run_racoon(sysadm_t, sysadm_r) | |
217 | ipsec_stream_connect_racoon(sysadm_t) | |
218 | ||
219 | optional_policy(` | |
220 | ipsec_mgmt_dbus_chat(sysadm_t) | |
221 | ') | |
e9c6cda7 CP |
222 | ') |
223 | ||
224 | optional_policy(` | |
296273a7 CP |
225 | iptables_run(sysadm_t, sysadm_r) |
226 | ') | |
227 | ||
f8f030aa DG |
228 | optional_policy(` |
229 | irc_role(sysadm_r, sysadm_t) | |
230 | ') | |
231 | ||
3eaa9939 DW |
232 | optional_policy(` |
233 | kerberos_exec_kadmind(sysadm_t) | |
d141ac47 | 234 | kerberos_filetrans_named_content(sysadm_t) |
3eaa9939 DW |
235 | ') |
236 | ||
e9c6cda7 | 237 | optional_policy(` |
296273a7 | 238 | kudzu_run(sysadm_t, sysadm_r) |
e9c6cda7 CP |
239 | ') |
240 | ||
241 | optional_policy(` | |
296273a7 | 242 | libs_run_ldconfig(sysadm_t, sysadm_r) |
e9c6cda7 CP |
243 | ') |
244 | ||
e9c6cda7 | 245 | optional_policy(` |
296273a7 | 246 | logrotate_run(sysadm_t, sysadm_r) |
e9c6cda7 CP |
247 | ') |
248 | ||
249 | optional_policy(` | |
296273a7 CP |
250 | lpd_run_checkpc(sysadm_t, sysadm_r) |
251 | lpd_role(sysadm_r, sysadm_t) | |
e9c6cda7 CP |
252 | ') |
253 | ||
254 | optional_policy(` | |
296273a7 | 255 | lvm_run(sysadm_t, sysadm_r) |
e9c6cda7 CP |
256 | ') |
257 | ||
258 | optional_policy(` | |
296273a7 CP |
259 | modutils_run_depmod(sysadm_t, sysadm_r) |
260 | modutils_run_insmod(sysadm_t, sysadm_r) | |
261 | modutils_run_update_mods(sysadm_t, sysadm_r) | |
2371d8d8 | 262 | modutils_read_module_deps(sysadm_t) |
c66c51f7 | 263 | modules_filetrans_named_content(sysadm_t) |
e9c6cda7 CP |
264 | ') |
265 | ||
266 | optional_policy(` | |
296273a7 | 267 | mount_run(sysadm_t, sysadm_r) |
3eaa9939 | 268 | mount_run_showmount(sysadm_t, sysadm_r) |
296273a7 CP |
269 | ') |
270 | ||
296273a7 CP |
271 | optional_policy(` |
272 | mta_role(sysadm_r, sysadm_t) | |
7c702088 MG |
273 | # this is defined in userdom_common_user_template |
274 | #mta_filetrans_home_content(sysadm_t) | |
780198a1 | 275 | mta_filetrans_admin_home_content(sysadm_t) |
e9c6cda7 CP |
276 | ') |
277 | ||
278 | optional_policy(` | |
279 | munin_stream_connect(sysadm_t) | |
280 | ') | |
281 | ||
282 | optional_policy(` | |
283 | mysql_stream_connect(sysadm_t) | |
284 | ') | |
285 | ||
3eaa9939 DW |
286 | optional_policy(` |
287 | ncftool_run(sysadm_t, sysadm_r) | |
288 | ') | |
289 | ||
e9c6cda7 | 290 | optional_policy(` |
296273a7 CP |
291 | netutils_run(sysadm_t, sysadm_r) |
292 | netutils_run_ping(sysadm_t, sysadm_r) | |
293 | netutils_run_traceroute(sysadm_t, sysadm_r) | |
e9c6cda7 CP |
294 | ') |
295 | ||
0ddcd8f6 DW |
296 | optional_policy(` |
297 | networkmanager_filetrans_named_content(sysadm_t) | |
298 | ') | |
299 | ||
e9c6cda7 CP |
300 | optional_policy(` |
301 | ntp_stub() | |
302 | corenet_udp_bind_ntp_port(sysadm_t) | |
303 | ') | |
304 | ||
e4b8dbb3 | 305 | optional_policy(` |
7e67b9c9 | 306 | nx_filetrans_named_content(sysadm_t) |
e4b8dbb3 DW |
307 | ') |
308 | ||
e9c6cda7 | 309 | optional_policy(` |
296273a7 CP |
310 | oav_run_update(sysadm_t, sysadm_r) |
311 | ') | |
312 | ||
87f49770 MG |
313 | optional_policy(` |
314 | openvpn_run(sysadm_t, sysadm_r) | |
315 | ') | |
316 | ||
296273a7 CP |
317 | optional_policy(` |
318 | pcmcia_run_cardctl(sysadm_t, sysadm_r) | |
e9c6cda7 CP |
319 | ') |
320 | ||
f1b7d092 DG |
321 | optional_policy(` |
322 | polipo_role(sysadm_r, sysadm_t) | |
323 | polipo_named_filetrans_admin_cache_home_dirs(sysadm_t) | |
324 | polipo_named_filetrans_admin_config_home_files(sysadm_t) | |
325 | ') | |
326 | ||
e9c6cda7 | 327 | optional_policy(` |
296273a7 CP |
328 | portage_run(sysadm_t, sysadm_r) |
329 | portage_run_gcc_config(sysadm_t, sysadm_r) | |
e9c6cda7 CP |
330 | ') |
331 | ||
332 | optional_policy(` | |
296273a7 | 333 | portmap_run_helper(sysadm_t, sysadm_r) |
e9c6cda7 CP |
334 | ') |
335 | ||
7dd47a9a DW |
336 | optional_policy(` |
337 | postfix_filetrans_named_content(sysadm_t) | |
338 | ') | |
339 | ||
3eaa9939 DW |
340 | optional_policy(` |
341 | prelink_run(sysadm_t, sysadm_r) | |
342 | ') | |
343 | ||
51b8b4c0 DW |
344 | optional_policy(` |
345 | puppet_run_puppetca(sysadm_t, sysadm_r) | |
346 | ') | |
347 | ||
e9c6cda7 | 348 | optional_policy(` |
296273a7 | 349 | quota_run(sysadm_t, sysadm_r) |
e9c6cda7 CP |
350 | ') |
351 | ||
352 | optional_policy(` | |
353 | raid_domtrans_mdadm(sysadm_t) | |
354 | ') | |
355 | ||
356 | optional_policy(` | |
357 | rpc_domtrans_nfsd(sysadm_t) | |
358 | ') | |
359 | ||
360 | optional_policy(` | |
296273a7 | 361 | rpm_run(sysadm_t, sysadm_r) |
4e889ea1 | 362 | rpm_dbus_chat(sysadm_t, sysadm_r) |
296273a7 CP |
363 | ') |
364 | ||
e9c6cda7 CP |
365 | optional_policy(` |
366 | rsync_exec(sysadm_t) | |
367 | ') | |
368 | ||
369 | optional_policy(` | |
296273a7 CP |
370 | samba_run_net(sysadm_t, sysadm_r) |
371 | samba_run_winbind_helper(sysadm_t, sysadm_r) | |
e9c6cda7 CP |
372 | ') |
373 | ||
b2f8897d HC |
374 | optional_policy(` |
375 | samhain_admin(sysadm_t) | |
376 | ') | |
377 | ||
e9c6cda7 | 378 | optional_policy(` |
296273a7 | 379 | screen_role_template(sysadm, sysadm_r, sysadm_t) |
e9c6cda7 CP |
380 | ') |
381 | ||
382 | optional_policy(` | |
296273a7 | 383 | secadm_role_change(sysadm_r) |
e9c6cda7 CP |
384 | ') |
385 | ||
7c525b65 DW |
386 | optional_policy(` |
387 | setroubleshoot_stream_connect(sysadm_t) | |
388 | setroubleshoot_dbus_chat(sysadm_t) | |
389 | setroubleshoot_dbus_chat_fixit(sysadm_t) | |
390 | ') | |
391 | ||
e9c6cda7 | 392 | optional_policy(` |
296273a7 CP |
393 | seutil_run_setfiles(sysadm_t, sysadm_r) |
394 | seutil_run_runinit(sysadm_t, sysadm_r) | |
e9c6cda7 CP |
395 | ') |
396 | ||
3eaa9939 DW |
397 | optional_policy(` |
398 | shutdown_run(sysadm_t, sysadm_r) | |
399 | ') | |
400 | ||
e9c6cda7 | 401 | optional_policy(` |
296273a7 CP |
402 | ssh_role_template(sysadm, sysadm_r, sysadm_t) |
403 | ') | |
404 | ||
405 | optional_policy(` | |
406 | staff_role_change(sysadm_r) | |
407 | ') | |
408 | ||
409 | optional_policy(` | |
410 | su_role_template(sysadm, sysadm_r, sysadm_t) | |
411 | ') | |
412 | ||
413 | optional_policy(` | |
414 | sudo_role_template(sysadm, sysadm_r, sysadm_t) | |
415 | ') | |
416 | ||
417 | optional_policy(` | |
418 | sysnet_run_ifconfig(sysadm_t, sysadm_r) | |
419 | sysnet_run_dhcpc(sysadm_t, sysadm_r) | |
420 | ') | |
421 | ||
d7441a41 DW |
422 | optional_policy(` |
423 | systemd_passwd_agent_run(sysadm_t, sysadm_r) | |
faaa4a27 DW |
424 | systemd_config_all_services(sysadm_t) |
425 | systemd_manage_all_unit_files(sysadm_t) | |
426 | systemd_manage_all_unit_lnk_files(sysadm_t) | |
d7441a41 DW |
427 | ') |
428 | ||
296273a7 CP |
429 | optional_policy(` |
430 | tripwire_run_siggen(sysadm_t, sysadm_r) | |
431 | tripwire_run_tripwire(sysadm_t, sysadm_r) | |
432 | tripwire_run_twadmin(sysadm_t, sysadm_r) | |
433 | tripwire_run_twprint(sysadm_t, sysadm_r) | |
434 | ') | |
435 | ||
e9c6cda7 CP |
436 | optional_policy(` |
437 | tzdata_domtrans(sysadm_t) | |
438 | ') | |
439 | ||
440 | optional_policy(` | |
b34db7a8 | 441 | unconfined_domtrans(sysadm_t) |
e9c6cda7 CP |
442 | ') |
443 | ||
9427adb7 MG |
444 | optional_policy(` |
445 | udev_run(sysadm_t, sysadm_r) | |
446 | ') | |
447 | ||
e9c6cda7 | 448 | optional_policy(` |
296273a7 CP |
449 | unprivuser_role_change(sysadm_r) |
450 | ') | |
451 | ||
452 | optional_policy(` | |
453 | usbmodules_run(sysadm_t, sysadm_r) | |
454 | ') | |
e9c6cda7 | 455 | |
296273a7 CP |
456 | optional_policy(` |
457 | usermanage_run_admin_passwd(sysadm_t, sysadm_r) | |
458 | usermanage_run_groupadd(sysadm_t, sysadm_r) | |
459 | usermanage_run_useradd(sysadm_t, sysadm_r) | |
460 | ') | |
461 | ||
3eaa9939 | 462 | optional_policy(` |
7c525b65 DW |
463 | virt_stream_connect(sysadm_t) |
464 | virt_filetrans_home_content(sysadm_t) | |
e9c6cda7 CP |
465 | ') |
466 | ||
467 | optional_policy(` | |
7c525b65 | 468 | vlock_run(sysadm_t, sysadm_r) |
e9c6cda7 CP |
469 | ') |
470 | ||
3eaa9939 | 471 | optional_policy(` |
7c525b65 | 472 | vpn_run(sysadm_t, sysadm_r) |
3eaa9939 DW |
473 | ') |
474 | ||
d35e2ee0 | 475 | optional_policy(` |
7c525b65 | 476 | webalizer_run(sysadm_t, sysadm_r) |
d35e2ee0 HC |
477 | ') |
478 | ||
e9c6cda7 | 479 | optional_policy(` |
296273a7 | 480 | xserver_role(sysadm_r, sysadm_t) |
e9c6cda7 CP |
481 | ') |
482 | ||
483 | optional_policy(` | |
296273a7 | 484 | yam_run(sysadm_t, sysadm_r) |
e9c6cda7 | 485 | ') |
c87e1502 | 486 | |
3eaa9939 DW |
487 | optional_policy(` |
488 | zebra_stream_connect(sysadm_t) | |
c87e1502 JS |
489 | ') |
490 | ||
2968e068 DW |
491 | ifndef(`distro_redhat',` |
492 | optional_policy(` | |
493 | apache_role(sysadm_r, sysadm_t) | |
494 | ') | |
495 | optional_policy(` | |
496 | auth_role(sysadm_r, sysadm_t) | |
497 | ') | |
3eaa9939 | 498 | |
2968e068 DW |
499 | optional_policy(` |
500 | bluetooth_role(sysadm_r, sysadm_t) | |
501 | ') | |
502 | ||
503 | optional_policy(` | |
504 | cdrecord_role(sysadm_r, sysadm_t) | |
505 | ') | |
506 | ||
2968e068 DW |
507 | optional_policy(` |
508 | dbus_role_template(sysadm, sysadm_r, sysadm_t) | |
509 | ') | |
510 | ||
511 | optional_policy(` | |
512 | evolution_role(sysadm_r, sysadm_t) | |
513 | ') | |
514 | ||
515 | optional_policy(` | |
516 | games_role(sysadm_r, sysadm_t) | |
517 | ') | |
518 | ||
519 | optional_policy(` | |
520 | gift_role(sysadm_r, sysadm_t) | |
521 | ') | |
522 | ||
523 | optional_policy(` | |
524 | gnome_role(sysadm_r, sysadm_t) | |
a11cc065 | 525 | gnome_filetrans_admin_home_content(sysadm_t) |
2968e068 DW |
526 | ') |
527 | ||
528 | optional_policy(` | |
529 | gpg_role(sysadm_r, sysadm_t) | |
530 | ') | |
531 | ||
2968e068 DW |
532 | optional_policy(` |
533 | java_role(sysadm_r, sysadm_t) | |
534 | ') | |
535 | ||
536 | optional_policy(` | |
537 | lockdev_role(sysadm_r, sysadm_t) | |
538 | ') | |
539 | ||
dd323694 DW |
540 | optional_policy(` |
541 | mock_admin(sysadm_t) | |
542 | ') | |
543 | ||
2968e068 DW |
544 | optional_policy(` |
545 | mozilla_role(sysadm_r, sysadm_t) | |
546 | ') | |
547 | ||
548 | optional_policy(` | |
549 | mplayer_role(sysadm_r, sysadm_t) | |
550 | ') | |
551 | ||
552 | optional_policy(` | |
553 | pyzor_role(sysadm_r, sysadm_t) | |
554 | ') | |
555 | ||
556 | optional_policy(` | |
557 | razor_role(sysadm_r, sysadm_t) | |
558 | ') | |
559 | ||
560 | optional_policy(` | |
561 | rssh_role(sysadm_r, sysadm_t) | |
562 | ') | |
563 | ||
564 | optional_policy(` | |
565 | spamassassin_role(sysadm_r, sysadm_t) | |
566 | ') | |
567 | ||
568 | optional_policy(` | |
569 | thunderbird_role(sysadm_r, sysadm_t) | |
570 | ') | |
571 | ||
572 | optional_policy(` | |
573 | tvtime_role(sysadm_r, sysadm_t) | |
574 | ') | |
575 | ||
576 | optional_policy(` | |
577 | uml_role(sysadm_r, sysadm_t) | |
578 | ') | |
579 | ||
580 | optional_policy(` | |
581 | userhelper_role_template(sysadm, sysadm_r, sysadm_t) | |
582 | ') | |
583 | ||
584 | optional_policy(` | |
585 | vmware_role(sysadm_r, sysadm_t) | |
586 | ') | |
587 | ||
588 | optional_policy(` | |
589 | wireshark_role(sysadm_r, sysadm_t) | |
590 | ') | |
591 | ||
592 | optional_policy(` | |
593 | xserver_role(sysadm_r, sysadm_t) | |
594 | ') | |
595 | ') |