Oreon-Lime-R2/selinux-policy/selinux-policy-d9f4a2b/selinux-policy-d9f4a2bbeb91fd95d0c35a90936efb9ea99d2455/policy/modules/contrib/iotop.te

47 lines
938 B
Text
Raw Normal View History

policy_module(iotop, 1.0.0)
########################################
#
# Declarations
#
attribute_role iotop_roles;
roleattribute system_r iotop_roles;
type iotop_t;
type iotop_exec_t;
application_domain(iotop_t, iotop_exec_t)
role iotop_roles types iotop_t;
########################################
#
# iotop local policy
#
allow iotop_t self:capability net_admin;
allow iotop_t self:netlink_generic_socket create_socket_perms;
allow iotop_t self:netlink_route_socket r_netlink_socket_perms;
allow iotop_t self:netlink_socket create_socket_perms;
allow iotop_t self:unix_dgram_socket create_socket_perms;
kernel_read_system_state(iotop_t)
auth_use_nsswitch(iotop_t)
dev_read_urand(iotop_t)
domain_getsched_all_domains(iotop_t)
domain_read_all_domains_state(iotop_t)
corecmd_exec_bin(iotop_t)
miscfiles_read_localization(iotop_t)
userdom_use_user_terminals(iotop_t)
optional_policy(`
libs_exec_ldconfig(iotop_t)
')