selinux-refpolicy/policy/modules/admin/amtu.te

policy_module(amtu, 1.4.0)

########################################
#
# Declarations
#

attribute_role amtu_roles;

type amtu_t;
type amtu_exec_t;
init_system_domain(amtu_t, amtu_exec_t)
role amtu_roles types amtu_t;

type amtu_initrc_exec_t;
init_script_file(amtu_initrc_exec_t)

########################################
#
# Local policy
#

kernel_read_system_state(amtu_t)

files_manage_boot_files(amtu_t)
files_read_etc_runtime_files(amtu_t)
files_read_etc_files(amtu_t)

logging_send_audit_msgs(amtu_t)

userdom_use_user_terminals(amtu_t)

optional_policy(`
	nscd_dontaudit_search_pid(amtu_t)
')

optional_policy(`
	seutil_use_newrole_fds(amtu_t)
')
Re-add policy modules from old refpolicy-contrib submodule. 2018-06-23 13:00:56 +00:00			`policy_module(amtu, 1.4.0)`

			`########################################`
			`#`
			`# Declarations`
			`#`

			`attribute_role amtu_roles;`

			`type amtu_t;`
			`type amtu_exec_t;`
			`init_system_domain(amtu_t, amtu_exec_t)`
			`role amtu_roles types amtu_t;`

			`type amtu_initrc_exec_t;`
			`init_script_file(amtu_initrc_exec_t)`

			`########################################`
			`#`
			`# Local policy`
			`#`

			`kernel_read_system_state(amtu_t)`

			`files_manage_boot_files(amtu_t)`
			`files_read_etc_runtime_files(amtu_t)`
			`files_read_etc_files(amtu_t)`

			`logging_send_audit_msgs(amtu_t)`

			`userdom_use_user_terminals(amtu_t)`

			optional_policy(`
			`nscd_dontaudit_search_pid(amtu_t)`
			`')`

			optional_policy(`
			`seutil_use_newrole_fds(amtu_t)`
			`')`