Oreon-Lime-R2/selinux-policy/selinux-policy-d9f4a2b/selinux-policy-d9f4a2bbeb91fd95d0c35a90936efb9ea99d2455/policy/modules/contrib/afterburn.te

policy_module(afterburn, 1.0.0)

########################################
#
# Declarations
#

type afterburn_t;
type afterburn_exec_t;
init_daemon_domain(afterburn_t, afterburn_exec_t)

type afterburn_unit_file_t;
systemd_unit_file(afterburn_unit_file_t)

permissive afterburn_t;

########################################
#
# afterburn local policy
#
allow afterburn_t self:capability { setgid setuid sys_admin };
allow afterburn_t self:process { fork setpgid };
allow afterburn_t self:fifo_file rw_fifo_file_perms;
allow afterburn_t self:unix_dgram_socket create_socket_perms;

kernel_dgram_send(afterburn_t)
kernel_read_all_proc(afterburn_t)

corenet_tcp_connect_http_port(afterburn_t)

domain_use_interactive_fds(afterburn_t)

files_read_etc_files(afterburn_t)

optional_policy(`
	auth_use_nsswitch(afterburn_t)
')

optional_policy(`
	logging_write_syslog_pid_socket(afterburn_t)
')

optional_policy(`
	miscfiles_read_localization(afterburn_t)
')

optional_policy(`
	networkmanager_dbus_chat(afterburn_t)
')

optional_policy(`
	ssh_filetrans_home_content(afterburn_t)
')

optional_policy(`
	sysnet_dns_name_resolve(afterburn_t)
')
extract all compressed files to make viewing source code easier and updated oreon-backgrounds and oreon-release packages 2024-07-03 21:20:34 -07:00			`policy_module(afterburn, 1.0.0)`

			`########################################`
			`#`
			`# Declarations`
			`#`

			`type afterburn_t;`
			`type afterburn_exec_t;`
			`init_daemon_domain(afterburn_t, afterburn_exec_t)`

			`type afterburn_unit_file_t;`
			`systemd_unit_file(afterburn_unit_file_t)`

			`permissive afterburn_t;`

			`########################################`
			`#`
			`# afterburn local policy`
			`#`
			`allow afterburn_t self:capability { setgid setuid sys_admin };`
			`allow afterburn_t self:process { fork setpgid };`
			`allow afterburn_t self:fifo_file rw_fifo_file_perms;`
			`allow afterburn_t self:unix_dgram_socket create_socket_perms;`

			`kernel_dgram_send(afterburn_t)`
			`kernel_read_all_proc(afterburn_t)`

			`corenet_tcp_connect_http_port(afterburn_t)`

			`domain_use_interactive_fds(afterburn_t)`

			`files_read_etc_files(afterburn_t)`

			optional_policy(`
			`auth_use_nsswitch(afterburn_t)`
			`')`

			optional_policy(`
			`logging_write_syslog_pid_socket(afterburn_t)`
			`')`

			optional_policy(`
			`miscfiles_read_localization(afterburn_t)`
			`')`

			optional_policy(`
			`networkmanager_dbus_chat(afterburn_t)`
			`')`

			optional_policy(`
			`ssh_filetrans_home_content(afterburn_t)`
			`')`

			optional_policy(`
			`sysnet_dns_name_resolve(afterburn_t)`
			`')`