1 policy_module(staff, 2.2.0)
3 ########################################
10 userdom_unpriv_user_template(staff)
11 fs_exec_noxattr(staff_t)
14 allow staff_t self:process setexec;
16 ########################################
21 kernel_read_ring_buffer(staff_t)
22 kernel_getattr_core_if(staff_t)
23 kernel_getattr_message_if(staff_t)
24 kernel_read_software_raid_state(staff_t)
25 kernel_read_fs_sysctls(staff_t)
27 fs_read_hugetlbfs_files(staff_t)
29 dev_read_cpuid(staff_t)
31 domain_read_all_domains_state(staff_t)
32 domain_getattr_all_domains(staff_t)
33 domain_obj_id_change_exemption(staff_t)
35 files_read_kernel_modules(staff_t)
37 seutil_read_module_store(staff_t)
38 seutil_run_newrole(staff_t, staff_r)
40 storage_read_scsi_generic(staff_t)
41 storage_write_scsi_generic(staff_t)
43 term_use_unallocated_ttys(staff_t)
45 auth_domtrans_pam_console(staff_t)
47 init_dbus_chat(staff_t)
48 init_dbus_chat_script(staff_t)
50 miscfiles_read_hwdata(staff_t)
53 selinux_read_policy(staff_t)
57 abrt_read_cache(staff_t)
61 apache_role(staff_r, staff_t)
65 auditadm_role_change(staff_r)
69 blueman_dbus_chat(staff_t)
73 dbadm_role_change(staff_r)
77 accountsd_dbus_chat(staff_t)
78 accountsd_read_lib_files(staff_t)
82 colord_dbus_chat(staff_t)
86 gnomeclock_dbus_chat(staff_t)
90 gnome_role(staff_r, staff_t)
94 irc_role(staff_r, staff_t)
98 lpd_list_spool(staff_t)
102 mock_role(staff_r, staff_t)
106 kerneloops_dbus_chat(staff_t)
110 logadm_role_change(staff_r)
114 modutils_read_module_config(staff_t)
115 modutils_read_module_deps(staff_t)
119 netutils_run_ping(staff_t, staff_r)
120 netutils_run_traceroute(staff_t, staff_r)
121 netutils_signal_ping(staff_t)
122 netutils_kill_ping(staff_t)
126 oident_manage_user_content(staff_t)
127 oident_relabel_user_content(staff_t)
131 mta_role(staff_r, staff_t)
139 polipo_role(staff_r, staff_t)
140 polipo_named_filetrans_cache_home_dirs(staff_t)
141 polipo_named_filetrans_config_home_files(staff_t)
145 postgresql_role(staff_r, staff_t)
149 rtkit_scheduled(staff_t)
153 rpm_dbus_chat(staff_t)
157 secadm_role_change(staff_r)
161 sandbox_transition(staff_t, staff_r)
165 screen_role_template(staff, staff_r, staff_t)
169 sysadm_role_change(staff_r)
170 userdom_dontaudit_use_user_terminals(staff_t)
174 setroubleshoot_stream_connect(staff_t)
175 setroubleshoot_dbus_chat(staff_t)
176 setroubleshoot_dbus_chat_fixit(staff_t)
180 ssh_role_template(staff, staff_r, staff_t)
184 sudo_role_template(staff, staff_r, staff_t)
188 # telepathy_dbus_session_role(staff_r, staff_t)
192 userhelper_console_role_template(staff, staff_r, staff_t)
196 unconfined_role_change(staff_r)
200 usbmuxd_stream_connect(staff_t)
204 virt_stream_connect(staff_t)
208 vlock_run(staff_t, staff_r)
212 vnstatd_read_lib_files(staff_t)
216 webadm_role_change(staff_r)
220 xserver_role(staff_r, staff_t)
223 ifndef(`distro_redhat',`
225 auth_role(staff_r, staff_t)
229 bluetooth_role(staff_r, staff_t)
233 cdrecord_role(staff_r, staff_t)
237 cron_role(staff_r, staff_t)
241 dbus_role_template(staff, staff_r, staff_t)
245 games_role(staff_r, staff_t)
249 gift_role(staff_r, staff_t)
253 gpg_role(staff_r, staff_t)
257 java_role(staff_r, staff_t)
261 lockdev_role(staff_r, staff_t)
265 lpd_role(staff_r, staff_t)
269 mplayer_role(staff_r, staff_t)
273 pyzor_role(staff_r, staff_t)
277 razor_role(staff_r, staff_t)
281 rssh_role(staff_r, staff_t)
285 spamassassin_role(staff_r, staff_t)
289 su_role_template(staff, staff_r, staff_t)
293 thunderbird_role(staff_r, staff_t)
297 tvtime_role(staff_r, staff_t)
301 uml_role(staff_r, staff_t)
305 userhelper_role_template(staff, staff_r, staff_t)
309 vmware_role(staff_r, staff_t)
313 wireshark_role(staff_r, staff_t)
317 tunable_policy(`allow_execmod',`
318 userdom_execmod_user_home_files(staff_t)