mirror of
https://github.com/containers/udica
synced 2024-05-24 01:46:11 +02:00
Enable udica to generate policies with fifo class
Udica generates SELinux security allow rules only for files,dirs and sockets. Following commit adds also FIFO files. The change required also to modify existing unit tests. Fixes: #85
This commit is contained in:
Lukas Vrabec
Vit Mojzis
parent
c19810736c
commit
f436537ba8
|
|
@ -141,6 +141,8 @@ fcontexts = [
|
|||
("/var/spool/postfix/deferred(/.*)?", "system_u:object_r:postfix_spool_t:s0"),
|
||||
("/var/spool/postfix/maildrop(/.*)?", "system_u:object_r:postfix_spool_t:s0"),
|
||||
("/var/spool/postfix/postgrey(/.*)?", "system_u:object_r:postgrey_spool_t:s0"),
|
||||
("/var/log/boot\.log.*", "system_u:object_r:plymouthd_var_log_t:s0"),
|
||||
("/var/spool/plymouth/boot\.log.*", "system_u:object_r:plymouthd_var_log_t:s0"),
|
||||
("/var/spool/zoneminder-upload(/.*)?", "system_u:object_r:zoneminder_spool_t:s0"),
|
||||
]
|
||||
fcontexts_local = [
|
||||
|
|
@ -157,6 +159,7 @@ fcontexts_homedirs = [
|
|||
("/var/spool/fcron/systab\\.orig", "system_u:object_r:system_cron_spool_t:s0"),
|
||||
("/var/spool/postfix/etc/localtime", "system_u:object_r:locale_t:s0"),
|
||||
("/var/spool/cron/user", "system_u:object_r:user_cron_spool_t:s0"),
|
||||
("/var/spool/cron/[^/]+", "system_u:object_r:user_cron_spool_t:s0"),
|
||||
]
|
||||
|
||||
semanage_fcontext_list = Mock(return_value=(0, fcontexts))
|
||||
|
|
|
|||
|
|
@ -4,287 +4,390 @@
|
|||
(blockinherit home_container)
|
||||
(allow process var_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process xdm_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process xdm_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process xdm_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process xdm_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mqueue_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mqueue_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mqueue_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mqueue_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process quota_db_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process quota_db_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process quota_db_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process quota_db_t ( sock_file ( append getattr open read write )))
|
||||
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_retrace_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_retrace_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_retrace_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_retrace_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process getty_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process getty_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process getty_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process getty_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process print_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process print_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process print_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process print_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process smsd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process smsd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process smsd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process smsd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_var_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process ctdbd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process ctdbd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process ctdbd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process ctdbd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process print_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process print_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process print_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process print_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process httpd_sys_rw_content_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process httpd_sys_rw_content_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process httpd_sys_rw_content_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process httpd_sys_rw_content_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mail_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mail_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process news_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process news_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process news_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process news_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process rwho_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process rwho_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process rwho_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process rwho_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process uucpd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process uucpd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process uucpd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process uucpd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process exim_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process exim_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process exim_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process exim_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process audit_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process audit_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process audit_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process audit_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_var_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process samba_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process samba_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process samba_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process samba_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mail_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process squid_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process squid_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process squid_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process squid_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process tetex_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process tetex_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process tetex_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process tetex_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process getty_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process getty_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process getty_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process getty_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process bacula_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process bacula_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process bacula_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process bacula_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process nagios_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process nagios_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process nagios_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process nagios_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process nagios_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process nagios_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process nagios_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process nagios_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process snmpd_var_lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process snmpd_var_lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process snmpd_var_lib_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process snmpd_var_lib_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process httpd_sys_rw_content_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process httpd_sys_rw_content_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process httpd_sys_rw_content_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process httpd_sys_rw_content_t ( sock_file ( append getattr open read write )))
|
||||
(allow process quota_db_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process quota_db_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process quota_db_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process quota_db_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mailman_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mailman_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mailman_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mailman_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process antivirus_db_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process antivirus_db_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process antivirus_db_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process antivirus_db_t ( sock_file ( append getattr open read write )))
|
||||
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process courier_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process courier_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process courier_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process courier_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process dovecot_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process dovecot_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process dovecot_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process dovecot_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process prelude_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process prelude_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process prelude_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process prelude_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process pyicqt_var_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process pyicqt_var_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process pyicqt_var_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process pyicqt_var_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process var_log_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_log_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_log_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_log_t ( sock_file ( append getattr open read write )))
|
||||
(allow process rpm_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process rpm_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process rpm_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process rpm_var_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process asterisk_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process asterisk_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process asterisk_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process asterisk_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process print_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process print_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process print_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process print_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process dkim_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process dkim_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process dkim_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process dkim_milter_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process plymouthd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process plymouthd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process plymouthd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process plymouthd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mqueue_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mqueue_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mqueue_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mqueue_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process dkim_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process dkim_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process dkim_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process dkim_milter_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process courier_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process courier_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process courier_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process courier_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process var_log_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_log_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_log_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_log_t ( sock_file ( append getattr open read write )))
|
||||
(allow process callweaver_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process callweaver_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process callweaver_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process callweaver_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process sge_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process sge_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process sge_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process sge_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_var_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process lpd_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process lpd_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process lpd_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process lpd_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process uucpd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process uucpd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process uucpd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process uucpd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mscan_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mscan_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mscan_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mscan_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process public_content_rw_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process public_content_rw_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process public_content_rw_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process public_content_rw_t ( sock_file ( append getattr open read write )))
|
||||
(allow process etc_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process etc_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process etc_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process etc_t ( sock_file ( append getattr open read write )))
|
||||
(allow process lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process lib_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process lib_t ( sock_file ( append getattr open read write )))
|
||||
(allow process lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process lib_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process lib_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_retrace_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_retrace_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_retrace_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_retrace_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process regex_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process regex_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process regex_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process regex_milter_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process squirrelmail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process squirrelmail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process squirrelmail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process squirrelmail_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process lib_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process lib_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_bounce_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_bounce_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_bounce_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_bounce_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_public_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_public_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_public_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_public_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_retrace_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_retrace_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_retrace_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_retrace_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process ld_so_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process ld_so_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process ld_so_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process ld_so_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_private_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_private_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_private_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_private_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamass_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamass_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamass_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamass_milter_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process prelude_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process prelude_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process prelude_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process prelude_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postgrey_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postgrey_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postgrey_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postgrey_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process plymouthd_var_log_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process plymouthd_var_log_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process plymouthd_var_log_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process plymouthd_var_log_t ( sock_file ( append getattr open read write )))
|
||||
(allow process zoneminder_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process zoneminder_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process zoneminder_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process zoneminder_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process device_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process device_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process device_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process device_t ( sock_file ( append getattr open read write )))
|
||||
(allow process var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process devlog_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process devlog_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process devlog_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process devlog_t ( sock_file ( append getattr open read write )))
|
||||
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process locale_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process locale_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process locale_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process locale_t ( sock_file ( append getattr open read write )))
|
||||
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process var_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_spool_t ( sock_file ( append getattr open read write )))
|
||||
)
|
||||
)
|
||||
|
|
@ -5,287 +5,390 @@
|
|||
(blockinherit home_container)
|
||||
(allow process var_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process xdm_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process xdm_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process xdm_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process xdm_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mqueue_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mqueue_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mqueue_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mqueue_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process quota_db_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process quota_db_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process quota_db_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process quota_db_t ( sock_file ( append getattr open read write )))
|
||||
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_retrace_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_retrace_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_retrace_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_retrace_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process getty_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process getty_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process getty_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process getty_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process print_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process print_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process print_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process print_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process smsd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process smsd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process smsd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process smsd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_var_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process ctdbd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process ctdbd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process ctdbd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process ctdbd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process print_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process print_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process print_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process print_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process httpd_sys_rw_content_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process httpd_sys_rw_content_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process httpd_sys_rw_content_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process httpd_sys_rw_content_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mail_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mail_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process news_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process news_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process news_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process news_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process rwho_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process rwho_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process rwho_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process rwho_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process uucpd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process uucpd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process uucpd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process uucpd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process exim_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process exim_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process exim_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process exim_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process audit_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process audit_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process audit_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process audit_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_var_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process samba_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process samba_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process samba_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process samba_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mail_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process squid_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process squid_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process squid_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process squid_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process tetex_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process tetex_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process tetex_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process tetex_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process getty_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process getty_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process getty_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process getty_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process bacula_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process bacula_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process bacula_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process bacula_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process nagios_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process nagios_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process nagios_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process nagios_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process nagios_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process nagios_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process nagios_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process nagios_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process snmpd_var_lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process snmpd_var_lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process snmpd_var_lib_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process snmpd_var_lib_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process httpd_sys_rw_content_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process httpd_sys_rw_content_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process httpd_sys_rw_content_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process httpd_sys_rw_content_t ( sock_file ( append getattr open read write )))
|
||||
(allow process quota_db_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process quota_db_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process quota_db_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process quota_db_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mailman_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mailman_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mailman_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mailman_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process antivirus_db_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process antivirus_db_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process antivirus_db_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process antivirus_db_t ( sock_file ( append getattr open read write )))
|
||||
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process courier_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process courier_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process courier_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process courier_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process dovecot_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process dovecot_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process dovecot_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process dovecot_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process prelude_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process prelude_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process prelude_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process prelude_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process pyicqt_var_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process pyicqt_var_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process pyicqt_var_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process pyicqt_var_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process var_log_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_log_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_log_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_log_t ( sock_file ( append getattr open read write )))
|
||||
(allow process rpm_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process rpm_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process rpm_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process rpm_var_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process asterisk_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process asterisk_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process asterisk_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process asterisk_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process print_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process print_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process print_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process print_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process dkim_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process dkim_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process dkim_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process dkim_milter_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process plymouthd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process plymouthd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process plymouthd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process plymouthd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mqueue_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mqueue_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mqueue_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mqueue_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process dkim_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process dkim_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process dkim_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process dkim_milter_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process courier_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process courier_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process courier_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process courier_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process var_log_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_log_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_log_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_log_t ( sock_file ( append getattr open read write )))
|
||||
(allow process callweaver_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process callweaver_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process callweaver_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process callweaver_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process sge_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process sge_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process sge_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process sge_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_var_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process lpd_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process lpd_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process lpd_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process lpd_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process uucpd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process uucpd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process uucpd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process uucpd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mscan_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mscan_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mscan_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mscan_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process public_content_rw_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process public_content_rw_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process public_content_rw_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process public_content_rw_t ( sock_file ( append getattr open read write )))
|
||||
(allow process etc_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process etc_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process etc_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process etc_t ( sock_file ( append getattr open read write )))
|
||||
(allow process lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process lib_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process lib_t ( sock_file ( append getattr open read write )))
|
||||
(allow process lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process lib_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process lib_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_retrace_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_retrace_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_retrace_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_retrace_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process regex_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process regex_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process regex_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process regex_milter_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process squirrelmail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process squirrelmail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process squirrelmail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process squirrelmail_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process lib_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process lib_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_bounce_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_bounce_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_bounce_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_bounce_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_public_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_public_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_public_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_public_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_retrace_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_retrace_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_retrace_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_retrace_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process ld_so_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process ld_so_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process ld_so_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process ld_so_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_private_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_private_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_private_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_private_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamass_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamass_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamass_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamass_milter_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process prelude_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process prelude_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process prelude_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process prelude_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postgrey_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postgrey_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postgrey_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postgrey_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process plymouthd_var_log_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process plymouthd_var_log_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process plymouthd_var_log_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process plymouthd_var_log_t ( sock_file ( append getattr open read write )))
|
||||
(allow process zoneminder_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process zoneminder_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process zoneminder_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process zoneminder_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process device_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process device_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process device_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process device_t ( sock_file ( append getattr open read write )))
|
||||
(allow process var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process devlog_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process devlog_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process devlog_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process devlog_t ( sock_file ( append getattr open read write )))
|
||||
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process locale_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process locale_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process locale_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process locale_t ( sock_file ( append getattr open read write )))
|
||||
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process var_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_spool_t ( sock_file ( append getattr open read write )))
|
||||
)
|
||||
)
|
||||
|
|
@ -6,288 +6,391 @@
|
|||
(allow process ftp_port_t ( tcp_socket ( name_bind )))
|
||||
(allow process var_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process xdm_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process xdm_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process xdm_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process xdm_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mqueue_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mqueue_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mqueue_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mqueue_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process quota_db_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process quota_db_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process quota_db_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process quota_db_t ( sock_file ( append getattr open read write )))
|
||||
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_retrace_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_retrace_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_retrace_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_retrace_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process getty_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process getty_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process getty_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process getty_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process print_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process print_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process print_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process print_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process smsd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process smsd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process smsd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process smsd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_var_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process ctdbd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process ctdbd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process ctdbd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process ctdbd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process print_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process print_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process print_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process print_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process httpd_sys_rw_content_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process httpd_sys_rw_content_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process httpd_sys_rw_content_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process httpd_sys_rw_content_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mail_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mail_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process news_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process news_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process news_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process news_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process rwho_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process rwho_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process rwho_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process rwho_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process uucpd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process uucpd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process uucpd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process uucpd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process exim_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process exim_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process exim_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process exim_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process audit_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process audit_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process audit_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process audit_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_var_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process samba_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process samba_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process samba_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process samba_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mail_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process squid_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process squid_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process squid_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process squid_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process tetex_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process tetex_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process tetex_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process tetex_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process getty_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process getty_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process getty_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process getty_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process bacula_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process bacula_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process bacula_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process bacula_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process nagios_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process nagios_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process nagios_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process nagios_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process nagios_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process nagios_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process nagios_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process nagios_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process snmpd_var_lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process snmpd_var_lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process snmpd_var_lib_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process snmpd_var_lib_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process httpd_sys_rw_content_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process httpd_sys_rw_content_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process httpd_sys_rw_content_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process httpd_sys_rw_content_t ( sock_file ( append getattr open read write )))
|
||||
(allow process quota_db_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process quota_db_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process quota_db_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process quota_db_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mailman_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mailman_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mailman_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mailman_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process antivirus_db_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process antivirus_db_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process antivirus_db_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process antivirus_db_t ( sock_file ( append getattr open read write )))
|
||||
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process courier_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process courier_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process courier_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process courier_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process dovecot_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process dovecot_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process dovecot_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process dovecot_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process prelude_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process prelude_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process prelude_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process prelude_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process pyicqt_var_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process pyicqt_var_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process pyicqt_var_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process pyicqt_var_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process var_log_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_log_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_log_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_log_t ( sock_file ( append getattr open read write )))
|
||||
(allow process rpm_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process rpm_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process rpm_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process rpm_var_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process asterisk_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process asterisk_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process asterisk_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process asterisk_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process print_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process print_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process print_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process print_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process dkim_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process dkim_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process dkim_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process dkim_milter_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process plymouthd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process plymouthd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process plymouthd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process plymouthd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mqueue_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mqueue_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mqueue_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mqueue_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process dkim_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process dkim_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process dkim_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process dkim_milter_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process courier_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process courier_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process courier_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process courier_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process var_log_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_log_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_log_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_log_t ( sock_file ( append getattr open read write )))
|
||||
(allow process callweaver_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process callweaver_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process callweaver_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process callweaver_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process sge_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process sge_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process sge_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process sge_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_var_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process lpd_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process lpd_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process lpd_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process lpd_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process uucpd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process uucpd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process uucpd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process uucpd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mscan_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mscan_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mscan_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mscan_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process public_content_rw_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process public_content_rw_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process public_content_rw_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process public_content_rw_t ( sock_file ( append getattr open read write )))
|
||||
(allow process etc_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process etc_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process etc_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process etc_t ( sock_file ( append getattr open read write )))
|
||||
(allow process lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process lib_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process lib_t ( sock_file ( append getattr open read write )))
|
||||
(allow process lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process lib_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process lib_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_retrace_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_retrace_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_retrace_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_retrace_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process regex_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process regex_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process regex_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process regex_milter_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process squirrelmail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process squirrelmail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process squirrelmail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process squirrelmail_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process lib_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process lib_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_bounce_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_bounce_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_bounce_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_bounce_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_public_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_public_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_public_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_public_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_retrace_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_retrace_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_retrace_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_retrace_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process ld_so_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process ld_so_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process ld_so_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process ld_so_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_private_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_private_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_private_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_private_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamass_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamass_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamass_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamass_milter_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process prelude_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process prelude_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process prelude_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process prelude_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postgrey_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postgrey_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postgrey_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postgrey_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process plymouthd_var_log_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process plymouthd_var_log_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process plymouthd_var_log_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process plymouthd_var_log_t ( sock_file ( append getattr open read write )))
|
||||
(allow process zoneminder_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process zoneminder_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process zoneminder_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process zoneminder_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process device_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process device_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process device_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process device_t ( sock_file ( append getattr open read write )))
|
||||
(allow process var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process devlog_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process devlog_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process devlog_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process devlog_t ( sock_file ( append getattr open read write )))
|
||||
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process locale_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process locale_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process locale_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process locale_t ( sock_file ( append getattr open read write )))
|
||||
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process var_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_spool_t ( sock_file ( append getattr open read write )))
|
||||
(blockinherit home_container)
|
||||
)
|
||||
)
|
||||
|
|
@ -7,287 +7,390 @@
|
|||
(blockinherit home_container)
|
||||
(allow process var_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process xdm_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process xdm_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process xdm_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process xdm_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mqueue_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mqueue_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mqueue_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mqueue_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process quota_db_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process quota_db_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process quota_db_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process quota_db_t ( sock_file ( append getattr open read write )))
|
||||
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_retrace_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_retrace_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_retrace_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_retrace_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process getty_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process getty_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process getty_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process getty_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process print_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process print_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process print_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process print_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process smsd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process smsd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process smsd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process smsd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_var_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process ctdbd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process ctdbd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process ctdbd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process ctdbd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process print_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process print_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process print_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process print_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process httpd_sys_rw_content_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process httpd_sys_rw_content_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process httpd_sys_rw_content_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process httpd_sys_rw_content_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mail_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mail_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process news_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process news_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process news_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process news_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process rwho_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process rwho_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process rwho_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process rwho_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process uucpd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process uucpd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process uucpd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process uucpd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process exim_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process exim_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process exim_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process exim_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process audit_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process audit_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process audit_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process audit_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_var_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process samba_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process samba_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process samba_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process samba_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mail_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process squid_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process squid_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process squid_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process squid_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process tetex_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process tetex_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process tetex_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process tetex_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process getty_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process getty_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process getty_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process getty_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process bacula_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process bacula_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process bacula_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process bacula_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process nagios_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process nagios_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process nagios_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process nagios_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process nagios_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process nagios_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process nagios_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process nagios_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process snmpd_var_lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process snmpd_var_lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process snmpd_var_lib_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process snmpd_var_lib_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process httpd_sys_rw_content_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process httpd_sys_rw_content_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process httpd_sys_rw_content_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process httpd_sys_rw_content_t ( sock_file ( append getattr open read write )))
|
||||
(allow process quota_db_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process quota_db_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process quota_db_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process quota_db_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mailman_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mailman_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mailman_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mailman_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process antivirus_db_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process antivirus_db_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process antivirus_db_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process antivirus_db_t ( sock_file ( append getattr open read write )))
|
||||
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process courier_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process courier_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process courier_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process courier_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process dovecot_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process dovecot_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process dovecot_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process dovecot_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process prelude_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process prelude_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process prelude_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process prelude_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process pyicqt_var_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process pyicqt_var_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process pyicqt_var_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process pyicqt_var_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process var_log_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_log_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_log_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_log_t ( sock_file ( append getattr open read write )))
|
||||
(allow process rpm_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process rpm_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process rpm_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process rpm_var_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process asterisk_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process asterisk_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process asterisk_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process asterisk_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process print_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process print_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process print_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process print_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process dkim_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process dkim_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process dkim_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process dkim_milter_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process plymouthd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process plymouthd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process plymouthd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process plymouthd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mqueue_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mqueue_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mqueue_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mqueue_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process dkim_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process dkim_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process dkim_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process dkim_milter_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process courier_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process courier_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process courier_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process courier_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process var_log_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_log_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_log_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_log_t ( sock_file ( append getattr open read write )))
|
||||
(allow process callweaver_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process callweaver_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process callweaver_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process callweaver_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process sge_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process sge_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process sge_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process sge_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_var_cache_t ( sock_file ( append getattr open read write )))
|
||||
(allow process lpd_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process lpd_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process lpd_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process lpd_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process uucpd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process uucpd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process uucpd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process uucpd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process mscan_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process mscan_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process mscan_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process mscan_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process public_content_rw_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process public_content_rw_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process public_content_rw_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process public_content_rw_t ( sock_file ( append getattr open read write )))
|
||||
(allow process etc_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process etc_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process etc_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process etc_t ( sock_file ( append getattr open read write )))
|
||||
(allow process lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process lib_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process lib_t ( sock_file ( append getattr open read write )))
|
||||
(allow process lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process lib_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process lib_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_retrace_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_retrace_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_retrace_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_retrace_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process regex_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process regex_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process regex_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process regex_milter_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process squirrelmail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process squirrelmail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process squirrelmail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process squirrelmail_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamd_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamd_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamd_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamd_var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process lib_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process lib_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_bounce_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_bounce_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_bounce_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_bounce_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_public_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_public_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_public_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_public_t ( sock_file ( append getattr open read write )))
|
||||
(allow process abrt_retrace_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process abrt_retrace_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process abrt_retrace_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process abrt_retrace_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process ld_so_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process ld_so_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process ld_so_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process ld_so_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_private_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_private_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_private_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_private_t ( sock_file ( append getattr open read write )))
|
||||
(allow process spamass_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process spamass_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process spamass_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process spamass_milter_data_t ( sock_file ( append getattr open read write )))
|
||||
(allow process prelude_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process prelude_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process prelude_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process prelude_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process postgrey_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process postgrey_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process postgrey_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process postgrey_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process plymouthd_var_log_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process plymouthd_var_log_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process plymouthd_var_log_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process plymouthd_var_log_t ( sock_file ( append getattr open read write )))
|
||||
(allow process zoneminder_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process zoneminder_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process zoneminder_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process zoneminder_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process device_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process device_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process device_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process device_t ( sock_file ( append getattr open read write )))
|
||||
(allow process var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_run_t ( sock_file ( append getattr open read write )))
|
||||
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process devlog_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process devlog_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process devlog_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process devlog_t ( sock_file ( append getattr open read write )))
|
||||
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process locale_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process locale_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process locale_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process locale_t ( sock_file ( append getattr open read write )))
|
||||
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
|
||||
(allow process var_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process var_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process var_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process var_spool_t ( sock_file ( append getattr open read write )))
|
||||
)
|
||||
)
|
||||
|
|
@ -4,5 +4,6 @@
|
|||
|
||||
(allow process user_tmp_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
|
||||
(allow process user_tmp_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
|
||||
(allow process user_tmp_t ( fifo_file ( getattr read write append ioctl lock open )))
|
||||
(allow process user_tmp_t ( sock_file ( append getattr open read write )))
|
||||
)
|
||||
)
|
||||
|
|
@ -19,6 +19,8 @@ perm = {
|
|||
"dir_ro": "getattr ioctl lock open read search",
|
||||
"file_rw": "append create getattr ioctl lock map open read rename setattr unlink write",
|
||||
"file_ro": "getattr ioctl lock open read",
|
||||
"fifo_rw": "getattr read write append ioctl lock open",
|
||||
"fifo_ro": "getattr open read lock ioctl",
|
||||
"socket_rw": "append getattr open read write",
|
||||
"socket_ro": "getattr open read",
|
||||
}
|
||||
|
|
|
|||
|
|
@ -249,6 +249,13 @@ def write_policy_for_crio_mounts(mounts, policy):
|
|||
+ perms.perm["file_rw"]
|
||||
+ " ))) \n"
|
||||
)
|
||||
policy.write(
|
||||
" (allow process "
|
||||
+ context
|
||||
+ " ( fifo_file ( "
|
||||
+ perms.perm["fifo_rw"]
|
||||
+ " ))) \n"
|
||||
)
|
||||
policy.write(
|
||||
" (allow process "
|
||||
+ context
|
||||
|
|
@ -271,6 +278,13 @@ def write_policy_for_crio_mounts(mounts, policy):
|
|||
+ perms.perm["file_ro"]
|
||||
+ " ))) \n"
|
||||
)
|
||||
policy.write(
|
||||
" (allow process "
|
||||
+ context
|
||||
+ " ( fifo_file ( "
|
||||
+ perms.perm["fifo_ro"]
|
||||
+ " ))) \n"
|
||||
)
|
||||
policy.write(
|
||||
" (allow process "
|
||||
+ context
|
||||
|
|
@ -360,6 +374,13 @@ def write_policy_for_podman_mounts(mounts, policy):
|
|||
+ perms.perm["file_rw"]
|
||||
+ " ))) \n"
|
||||
)
|
||||
policy.write(
|
||||
" (allow process "
|
||||
+ context
|
||||
+ " ( fifo_file ( "
|
||||
+ perms.perm["fifo_rw"]
|
||||
+ " ))) \n"
|
||||
)
|
||||
policy.write(
|
||||
" (allow process "
|
||||
+ context
|
||||
|
|
@ -382,6 +403,13 @@ def write_policy_for_podman_mounts(mounts, policy):
|
|||
+ perms.perm["file_ro"]
|
||||
+ " ))) \n"
|
||||
)
|
||||
policy.write(
|
||||
" (allow process "
|
||||
+ context
|
||||
+ " ( fifo_file ( "
|
||||
+ perms.perm["fifo_ro"]
|
||||
+ " ))) \n"
|
||||
)
|
||||
policy.write(
|
||||
" (allow process "
|
||||
+ context
|
||||
|
|
|
|||
Loading…
Reference in New Issue