1 policy_module(staff, 2.2.0)
3 ########################################
10 userdom_unpriv_user_template(staff)
11 fs_exec_noxattr(staff_t)
14 allow staff_t self:process setexec;
16 ########################################
21 kernel_read_ring_buffer(staff_t)
22 kernel_getattr_core_if(staff_t)
23 kernel_getattr_message_if(staff_t)
24 kernel_read_software_raid_state(staff_t)
25 kernel_read_fs_sysctls(staff_t)
27 fs_read_hugetlbfs_files(staff_t)
29 dev_read_cpuid(staff_t)
31 domain_read_all_domains_state(staff_t)
32 domain_getattr_all_domains(staff_t)
33 domain_obj_id_change_exemption(staff_t)
35 files_read_kernel_modules(staff_t)
37 seutil_read_module_store(staff_t)
38 seutil_run_newrole(staff_t, staff_r)
40 storage_read_scsi_generic(staff_t)
41 storage_write_scsi_generic(staff_t)
43 term_use_unallocated_ttys(staff_t)
45 auth_domtrans_pam_console(staff_t)
47 init_dbus_chat(staff_t)
48 init_dbus_chat_script(staff_t)
50 miscfiles_read_hwdata(staff_t)
53 selinux_read_policy(staff_t)
57 abrt_read_cache(staff_t)
61 apache_role(staff_r, staff_t)
65 auditadm_role_change(staff_r)
69 blueman_dbus_chat(staff_t)
73 dbadm_role_change(staff_r)
77 accountsd_dbus_chat(staff_t)
78 accountsd_read_lib_files(staff_t)
82 colord_dbus_chat(staff_t)
86 gnomeclock_dbus_chat(staff_t)
90 firewallgui_dbus_chat(staff_t)
94 gnome_role(staff_r, staff_t)
98 irc_role(staff_r, staff_t)
102 lpd_list_spool(staff_t)
106 mock_role(staff_r, staff_t)
110 kerneloops_dbus_chat(staff_t)
114 logadm_role_change(staff_r)
118 modutils_read_module_config(staff_t)
119 modutils_read_module_deps(staff_t)
123 netutils_run_ping(staff_t, staff_r)
124 netutils_run_traceroute(staff_t, staff_r)
125 netutils_signal_ping(staff_t)
126 netutils_kill_ping(staff_t)
130 oident_manage_user_content(staff_t)
131 oident_relabel_user_content(staff_t)
135 mta_role(staff_r, staff_t)
143 polipo_role(staff_r, staff_t)
144 polipo_named_filetrans_cache_home_dirs(staff_t)
145 polipo_named_filetrans_config_home_files(staff_t)
149 postgresql_role(staff_r, staff_t)
153 rtkit_scheduled(staff_t)
157 rpm_dbus_chat(staff_t)
161 secadm_role_change(staff_r)
165 sandbox_transition(staff_t, staff_r)
169 screen_role_template(staff, staff_r, staff_t)
173 sysadm_role_change(staff_r)
174 userdom_dontaudit_use_user_terminals(staff_t)
178 setroubleshoot_stream_connect(staff_t)
179 setroubleshoot_dbus_chat(staff_t)
180 setroubleshoot_dbus_chat_fixit(staff_t)
184 ssh_role_template(staff, staff_r, staff_t)
188 sudo_role_template(staff, staff_r, staff_t)
192 # telepathy_dbus_session_role(staff_r, staff_t)
196 userhelper_console_role_template(staff, staff_r, staff_t)
200 unconfined_role_change(staff_r)
204 usbmuxd_stream_connect(staff_t)
208 virt_stream_connect(staff_t)
212 vlock_run(staff_t, staff_r)
216 vnstatd_read_lib_files(staff_t)
220 webadm_role_change(staff_r)
224 xserver_role(staff_r, staff_t)
227 ifndef(`distro_redhat',`
229 auth_role(staff_r, staff_t)
233 bluetooth_role(staff_r, staff_t)
237 cdrecord_role(staff_r, staff_t)
241 cron_role(staff_r, staff_t)
245 dbus_role_template(staff, staff_r, staff_t)
249 games_role(staff_r, staff_t)
253 gift_role(staff_r, staff_t)
257 gpg_role(staff_r, staff_t)
261 java_role(staff_r, staff_t)
265 lockdev_role(staff_r, staff_t)
269 lpd_role(staff_r, staff_t)
273 mplayer_role(staff_r, staff_t)
277 pyzor_role(staff_r, staff_t)
281 razor_role(staff_r, staff_t)
285 rssh_role(staff_r, staff_t)
289 spamassassin_role(staff_r, staff_t)
293 su_role_template(staff, staff_r, staff_t)
297 thunderbird_role(staff_r, staff_t)
301 tvtime_role(staff_r, staff_t)
305 uml_role(staff_r, staff_t)
309 userhelper_role_template(staff, staff_r, staff_t)
313 vmware_role(staff_r, staff_t)
317 wireshark_role(staff_r, staff_t)
321 tunable_policy(`allow_execmod',`
322 userdom_execmod_user_home_files(staff_t)
projects / people / stevee / selinux-policy.git / blob