You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
31 lines
868 B
31 lines
868 B
6 months ago
|
|
||
|
module tdm 1.0;
|
||
|
|
||
|
require {
|
||
|
type etc_t;
|
||
|
type fprintd_t;
|
||
|
type init_t;
|
||
|
type tmp_t;
|
||
|
type unconfined_service_t;
|
||
|
type unconfined_t;
|
||
|
type var_lib_t;
|
||
|
type var_run_t;
|
||
|
type xdm_t;
|
||
|
class capability2 mac_admin;
|
||
|
class dbus send_msg;
|
||
|
class fifo_file { getattr open read setattr unlink };
|
||
|
class file { create entrypoint getattr lock map open read rename unlink write };
|
||
|
class lnk_file unlink;
|
||
|
class process transition;
|
||
|
}
|
||
|
|
||
|
allow fprintd_t init_t:dbus send_msg;
|
||
|
allow unconfined_service_t unconfined_t:process transition;
|
||
|
allow unconfined_t self:capability2 mac_admin;
|
||
|
allow xdm_t etc_t:file { create rename unlink write };
|
||
|
allow xdm_t tmp_t:fifo_file { getattr open read setattr unlink };
|
||
|
allow xdm_t tmp_t:file { map open unlink };
|
||
|
allow xdm_t tmp_t:lnk_file unlink;
|
||
|
allow xdm_t var_lib_t:file { unlink };
|
||
|
allow xdm_t var_run_t:file { getattr lock open read write };
|