diff options
Diffstat (limited to 'policy/modules/kernel/filesystem.if')
| -rw-r--r-- | policy/modules/kernel/filesystem.if | 156 |
1 files changed, 78 insertions, 78 deletions
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if index 54a2f13ee..93907c673 100644 --- a/policy/modules/kernel/filesystem.if +++ b/policy/modules/kernel/filesystem.if @@ -1931,84 +1931,6 @@ interface(`fs_cifs_domtrans',` domain_auto_transition_pattern($1, cifs_t, $2) ') -######################################## -## <summary> -## Create, read, write, and delete directories -## on an eCryptfs filesystem. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed access. -## </summary> -## </param> -## <rolecap/> -# -interface(`fs_manage_ecryptfs_dirs',` - gen_require(` - type ecryptfs_t; - ') - - allow $1 ecryptfs_t:dir manage_dir_perms; -') - -######################################## -## <summary> -## Create, read, write, and delete files -## on an eCryptfs filesystem. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed access. -## </summary> -## </param> -## <rolecap/> -# -interface(`fs_manage_ecryptfs_files',` - gen_require(` - type ecryptfs_t; - ') - - manage_files_pattern($1, ecryptfs_t, ecryptfs_t) -') - -######################################## -## <summary> -## Create, read, write, and delete named sockets -## on an eCryptfs filesystem. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed access. -## </summary> -## </param> -# -interface(`fs_manage_ecryptfs_named_sockets',` - gen_require(` - type ecryptfs_t; - ') - - manage_sock_files_pattern($1, ecryptfs_t, ecryptfs_t) -') - -######################################## -## <summary> -## Read symbolic links on an eCryptfs filesystem. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed access. -## </summary> -## </param> -# -interface(`fs_list_ecryptfs',` - gen_require(` - type ecryptfs_t; - ') - - allow $1 ecryptfs_t:dir list_dir_perms; - read_lnk_files_pattern($1, ecryptfs_t, ecryptfs_t) -') - ####################################### ## <summary> ## Create, read, write, and delete dirs @@ -2275,6 +2197,84 @@ interface(`fs_manage_dos_files',` ######################################## ## <summary> +## Read symbolic links on an eCryptfs filesystem. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`fs_list_ecryptfs',` + gen_require(` + type ecryptfs_t; + ') + + allow $1 ecryptfs_t:dir list_dir_perms; + read_lnk_files_pattern($1, ecryptfs_t, ecryptfs_t) +') + +######################################## +## <summary> +## Create, read, write, and delete directories +## on an eCryptfs filesystem. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +## <rolecap/> +# +interface(`fs_manage_ecryptfs_dirs',` + gen_require(` + type ecryptfs_t; + ') + + allow $1 ecryptfs_t:dir manage_dir_perms; +') + +######################################## +## <summary> +## Create, read, write, and delete files +## on an eCryptfs filesystem. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +## <rolecap/> +# +interface(`fs_manage_ecryptfs_files',` + gen_require(` + type ecryptfs_t; + ') + + manage_files_pattern($1, ecryptfs_t, ecryptfs_t) +') + +######################################## +## <summary> +## Create, read, write, and delete named sockets +## on an eCryptfs filesystem. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`fs_manage_ecryptfs_named_sockets',` + gen_require(` + type ecryptfs_t; + ') + + manage_sock_files_pattern($1, ecryptfs_t, ecryptfs_t) +') + +######################################## +## <summary> ## Get the attributes of efivarfs filesystems. ## </summary> ## <param name="domain"> |