Oreon-Lime-R2/selinux-policy/selinux-policy-d9f4a2b/selinux-policy-d9f4a2bbeb91fd95d0c35a90936efb9ea99d2455/policy/modules/contrib/bootupd.te

42 lines
888 B
Text
Raw Normal View History

policy_module(bootupd, 1.0.0)
########################################
#
# Declarations
#
type bootupd_t;
type bootupd_exec_t;
init_daemon_domain(bootupd_t, bootupd_exec_t)
type bootupd_unit_file_t;
systemd_unit_file(bootupd_unit_file_t)
type bootupd_var_run_t;
files_pid_file(bootupd_var_run_t)
permissive bootupd_t;
########################################
#
# bootupd local policy
#
allow bootupd_t self:capability { setgid setuid };
allow bootupd_t self:process { fork setpgid };
allow bootupd_t self:fifo_file rw_fifo_file_perms;
allow bootupd_t self:unix_dgram_socket create_socket_perms;
allow bootupd_t self:unix_stream_socket create_stream_socket_perms;
kernel_dgram_send(bootupd_t)
domain_use_interactive_fds(bootupd_t)
files_read_etc_files(bootupd_t)
fs_getattr_all_fs(bootupd_t)
fs_search_dos(bootupd_t)
optional_policy(`
miscfiles_read_localization(bootupd_t)
')