policy/modules/admin/kismet.te

   1
   2 policy_module(kismet, 1.1.0)
   3
   4 ########################################
   5 #
   6 # Declarations
   7 #
   8
   9 type kismet_t;
  10 type kismet_exec_t;
  11 application_domain(kismet_t, kismet_exec_t)
  12 role system_r types kismet_t;
  13
  14 type kismet_var_run_t;
  15 files_pid_file(kismet_var_run_t)
  16
  17 type kismet_var_lib_t;
  18 files_type(kismet_var_lib_t)
  19
  20 type kismet_log_t;
  21 logging_log_file(kismet_log_t)
  22
  23 ########################################
  24 #
  25 # kismet local policy
  26 #
  27
  28 allow kismet_t self:capability { net_admin net_raw setuid setgid };
  29 allow kismet_t self:fifo_file rw_file_perms;
  30 allow kismet_t self:packet_socket create_socket_perms;
  31 allow kismet_t self:unix_dgram_socket create_socket_perms;
  32 allow kismet_t self:unix_stream_socket create_stream_socket_perms;
  33
  34 manage_files_pattern(kismet_t, kismet_log_t, kismet_log_t)
  35 allow kismet_t kismet_log_t:dir setattr;
  36 logging_log_filetrans(kismet_t, kismet_log_t, { file dir })
  37
  38 allow kismet_t kismet_var_lib_t:file manage_file_perms;
  39 allow kismet_t kismet_var_lib_t:dir manage_dir_perms;
  40 files_var_lib_filetrans(kismet_t, kismet_var_lib_t, { file dir })
  41
  42 allow kismet_t kismet_var_run_t:file manage_file_perms;
  43 allow kismet_t kismet_var_run_t:dir manage_dir_perms;
  44 files_pid_filetrans(kismet_t, kismet_var_run_t, { file dir })
  45
  46 kernel_search_debugfs(kismet_t)
  47
  48 corecmd_exec_bin(kismet_t)
  49
  50 auth_use_nsswitch(kismet_t)
  51
  52 files_read_etc_files(kismet_t)
  53
  54 libs_use_ld_so(kismet_t)
  55 libs_use_shared_libs(kismet_t)
  56
  57 miscfiles_read_localization(kismet_t)