Oreon-Lime-R2/selinux-policy/selinux-policy-bc228bd/selinux-policy-bc228bd0c249a9e4aa3dcf238c2b1bb138943b07/policy/modules/contrib/kpatch.te

policy_module(kpatch, 1.0.0)

########################################
#
# Declarations
#

type kpatch_t;
type kpatch_exec_t;
application_domain(kpatch_t, kpatch_exec_t)
init_daemon_domain(kpatch_t, kpatch_exec_t)

type kpatch_var_lib_t;
files_type(kpatch_var_lib_t)

########################################
#
# kpatch local policy
#

manage_dirs_pattern(kpatch_t, kpatch_var_lib_t, kpatch_var_lib_t)
manage_files_pattern(kpatch_t, kpatch_var_lib_t, kpatch_var_lib_t)
files_var_lib_filetrans(kpatch_t, kpatch_var_lib_t, { dir file })
allow kpatch_t kpatch_var_lib_t:system module_load;

auth_use_nsswitch(kpatch_t)

corecmd_exec_bin(kpatch_t)
corecmd_mmap_bin_files(kpatch_t)

dev_list_sysfs(kpatch_t)

optional_policy(`
    policykit_dbus_chat(kpatch_t)
')

optional_policy(`
    unconfined_domain(kpatch_t)
')
extract all compressed files to make viewing source code easier and updated oreon-backgrounds and oreon-release packages 2024-07-03 21:20:34 -07:00			`policy_module(kpatch, 1.0.0)`

			`########################################`
			`#`
			`# Declarations`
			`#`

			`type kpatch_t;`
			`type kpatch_exec_t;`
			`application_domain(kpatch_t, kpatch_exec_t)`
			`init_daemon_domain(kpatch_t, kpatch_exec_t)`

			`type kpatch_var_lib_t;`
			`files_type(kpatch_var_lib_t)`

			`########################################`
			`#`
			`# kpatch local policy`
			`#`

			`manage_dirs_pattern(kpatch_t, kpatch_var_lib_t, kpatch_var_lib_t)`
			`manage_files_pattern(kpatch_t, kpatch_var_lib_t, kpatch_var_lib_t)`
			`files_var_lib_filetrans(kpatch_t, kpatch_var_lib_t, { dir file })`
			`allow kpatch_t kpatch_var_lib_t:system module_load;`

			`auth_use_nsswitch(kpatch_t)`

			`corecmd_exec_bin(kpatch_t)`
			`corecmd_mmap_bin_files(kpatch_t)`

			`dev_list_sysfs(kpatch_t)`

			optional_policy(`
			`policykit_dbus_chat(kpatch_t)`
			`')`

			optional_policy(`
			`unconfined_domain(kpatch_t)`
			`')`