Oreon-Lime-R2/selinux-policy/selinux-policy-bc228bd/selinux-policy-bc228bd0c249a9e4aa3dcf238c2b1bb138943b07/policy/modules/system/selinuxutil.fc

66 lines
3.2 KiB
Text

# SELinux userland utilities
#
# /etc
#
/etc/selinux(/.*)? gen_context(system_u:object_r:selinux_config_t,s0)
/etc/selinux/([^/]*/)?contexts(/.*)? gen_context(system_u:object_r:default_context_t,s0)
/etc/selinux/([^/]*/)?contexts/files(/.*)? gen_context(system_u:object_r:file_context_t,s0)
/etc/selinux/([^/]*/)?logins(/.*)? gen_context(system_u:object_r:selinux_login_config_t,s0)
/etc/selinux/([^/]*/)?policy(/.*)? gen_context(system_u:object_r:semanage_store_t,s0)
/etc/selinux/([^/]*/)?setrans\.conf -- gen_context(system_u:object_r:selinux_config_t,mls_systemhigh)
/etc/selinux/([^/]*/)?seusers -- gen_context(system_u:object_r:selinux_config_t,s0)
/etc/selinux/([^/]*/)?modules/(active|tmp|previous)(/.*)? gen_context(system_u:object_r:semanage_store_t,s0)
/etc/selinux/(minimum|mls|targeted)/active(/.*)? gen_context(system_u:object_r:semanage_store_t,s0)
/etc/selinux/([^/]*/)?modules/semanage\.read\.LOCK -- gen_context(system_u:object_r:semanage_read_lock_t,s0)
/etc/selinux/([^/]*/)?modules/semanage\.trans\.LOCK -- gen_context(system_u:object_r:semanage_trans_lock_t,s0)
/etc/selinux/([^/]*/)?users(/.*)? -- gen_context(system_u:object_r:selinux_config_t,s0)
#
# /root
#
/root/\.default_contexts -- gen_context(system_u:object_r:default_context_t,s0)
#
# /sbin
#
/sbin/load_policy -- gen_context(system_u:object_r:load_policy_exec_t,s0)
/sbin/restorecon -- gen_context(system_u:object_r:setfiles_exec_t,s0)
/sbin/setfiles.* -- gen_context(system_u:object_r:setfiles_exec_t,s0)
#
# /usr
#
/usr/bin/checkpolicy -- gen_context(system_u:object_r:checkpolicy_exec_t,s0)
/usr/bin/newrole -- gen_context(system_u:object_r:newrole_exec_t,s0)
/usr/lib/selinux(/.*)? gen_context(system_u:object_r:policy_src_t,s0)
/usr/sbin/load_policy -- gen_context(system_u:object_r:load_policy_exec_t,s0)
/usr/sbin/restorecon -- gen_context(system_u:object_r:setfiles_exec_t,s0)
/usr/sbin/restorecond -- gen_context(system_u:object_r:restorecond_exec_t,s0)
/usr/sbin/run_init -- gen_context(system_u:object_r:run_init_exec_t,s0)
/usr/sbin/setfiles.* -- gen_context(system_u:object_r:setfiles_exec_t,s0)
/usr/sbin/setsebool -- gen_context(system_u:object_r:setsebool_exec_t,s0)
/usr/sbin/semanage -- gen_context(system_u:object_r:semanage_exec_t,s0)
/usr/sbin/semodule -- gen_context(system_u:object_r:semanage_exec_t,s0)
/usr/libexec/selinux/semanage_migrate_store -- gen_context(system_u:object_r:semanage_exec_t,s0)
/usr/share/system-config-selinux/system-config-selinux-dbus\.py -- gen_context(system_u:object_r:semanage_exec_t,s0)
/usr/share/system-config-selinux/selinux_server\.py -- gen_context(system_u:object_r:semanage_exec_t,s0)
#
# /var/lib
#
/var/lib/selinux(/.*)? gen_context(system_u:object_r:semanage_store_t,s0)
/var/lib/selinux/[^/]+/semanage\.read\.LOCK -- gen_context(system_u:object_r:semanage_read_lock_t,s0)
/var/lib/selinux/[^/]+/semanage\.trans\.LOCK -- gen_context(system_u:object_r:semanage_trans_lock_t,s0)
/var/lib/sepolgen(/.*)? gen_context(system_u:object_r:selinux_config_t,s0)
#
# /var/run
#
/var/run/restorecond\.pid -- gen_context(system_u:object_r:restorecond_var_run_t,s0)
/etc/share/selinux/targeted(/.*)? gen_context(system_u:object_r:semanage_store_t,s0)
/etc/share/selinux/mls(/.*)? gen_context(system_u:object_r:semanage_store_t,s0)