+++ /dev/null
-policy_module(sambagui, 1.0.1)
-
-########################################
-#
-# Declarations
-#
-
-type sambagui_t;
-type sambagui_exec_t;
-dbus_system_domain(sambagui_t, sambagui_exec_t)
-
-########################################
-#
-# system-config-samba local policy
-#
-
-allow sambagui_t self:capability dac_override;
-allow sambagui_t self:fifo_file rw_fifo_file_perms;
-allow sambagui_t self:unix_dgram_socket create_socket_perms;
-
-# read meminfo
-kernel_read_system_state(sambagui_t)
-
-# execut apps of system-config-samba
-corecmd_exec_shell(sambagui_t)
-corecmd_exec_bin(sambagui_t)
-
-dev_dontaudit_read_urand(sambagui_t)
-
-files_read_usr_files(sambagui_t)
-files_read_etc_files(sambagui_t)
-files_search_var_lib(sambagui_t)
-files_read_usr_files(sambagui_t)
-
-auth_use_nsswitch(sambagui_t)
-auth_dontaudit_read_shadow(sambagui_t)
-
-logging_send_syslog_msg(sambagui_t)
-
-miscfiles_read_localization(sambagui_t)
-
-optional_policy(`
- consoletype_exec(sambagui_t)
-')
-
-optional_policy(`
- nscd_dontaudit_search_pid(sambagui_t)
-')
-
-optional_policy(`
- policykit_dbus_chat(sambagui_t)
-')
-
-optional_policy(`
- # handling with samba conf files
- samba_append_log(sambagui_t)
- samba_manage_config(sambagui_t)
- samba_manage_var_files(sambagui_t)
- samba_read_secrets(sambagui_t)
- samba_initrc_domtrans(sambagui_t)
- samba_systemctl(sambagui_t)
- samba_domtrans_smbd(sambagui_t)
- samba_domtrans_nmbd(sambagui_t)
-')
projects / people / stevee / selinux-policy.git / commitdiff
