Oreon-Lime-R2/selinux-policy/selinux-policy-bc228bd/selinux-policy-bc228bd0c249a9e4aa3dcf238c2b1bb138943b07/policy/modules/kernel/filesystem.fc

39 lines
1.4 KiB
Text
Raw Permalink Normal View History

# ecryptfs does not support xattr
HOME_DIR/\.ecryptfs(/.*)? gen_context(system_u:object_r:ecryptfs_t,s0)
HOME_DIR/\.Private(/.*)? gen_context(system_u:object_r:ecryptfs_t,s0)
/dev/hugepages -d gen_context(system_u:object_r:hugetlbfs_t,s0)
/dev/hugepages(/.*)? <<none>>
/dev/shm -d gen_context(system_u:object_r:tmpfs_t,s0-mls_systemhigh)
/dev/shm/.* <<none>>
/dev/oracleasm(/.*)? gen_context(system_u:object_r:oracleasmfs_t,s0)
/usr/lib/udev/devices/hugepages -d gen_context(system_u:object_r:hugetlbfs_t,s0)
/usr/lib/udev/devices/hugepages/.* <<none>>
/usr/lib/udev/devices/shm -d gen_context(system_u:object_r:tmpfs_t,s0)
/usr/lib/udev/devices/shm/.* <<none>>
/var/run/user/%{USERID}/gvfs -d gen_context(system_u:object_r:fusefs_t,s0)
/var/run/user/%{USERID}/gvfs/.* <<none>>
# for systemd systems:
#
/sys/fs/bpf -d gen_context(system_u:object_r:bpf_t,s0)
/sys/fs/bpf/.* <<none>>
/sys/fs/cgroup -d gen_context(system_u:object_r:cgroup_t,s0)
/sys/fs/cgroup/.* <<none>>
/sys/fs/pstore -d gen_context(system_u:object_r:pstore_t,s0)
/sys/fs/pstore/.* <<none>>
/sys/firmware/efi/efivars -d gen_context(system_u:object_r:efivarfs_t,s0)
/sys/firmware/efi/efivars/.* <<none>>
/sys/kernel/tracing -d gen_context(system_u:object_r:tracefs_t,s0)
/sys/kernel/tracing/.* <<none>>
/var/run/shm -d gen_context(system_u:object_r:tmpfs_t,s0)
/var/run/shm/.* <<none>>