filesystem: add supporting FUSEFS interfaces
Signed-off-by: Kenton Groombridge <me@concord.sh>
This commit is contained in:
Kenton Groombridge
parent
83df290da3
commit
c998839e98
|
|
@ -2306,6 +2306,24 @@ interface(`fs_unmount_fusefs',`
|
|||
allow $1 fusefs_t:filesystem unmount;
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Remount a FUSE filesystem.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`fs_remount_fusefs',`
|
||||
gen_require(`
|
||||
type fusefs_t;
|
||||
')
|
||||
|
||||
allow $1 fusefs_t:filesystem remount;
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Mounton a FUSEFS filesystem.
|
||||
|
|
@ -2324,6 +2342,58 @@ interface(`fs_mounton_fusefs',`
|
|||
allow $1 fusefs_t:dir mounton;
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Make FUSEFS files an entrypoint for the
|
||||
## specified domain.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## The domain for which fusefs_t is an entrypoint.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`fs_fusefs_entry_type',`
|
||||
gen_require(`
|
||||
type fusefs_t;
|
||||
')
|
||||
|
||||
domain_entry_file($1, fusefs_t)
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Execute FUSEFS files in a specified domain.
|
||||
## </summary>
|
||||
## <desc>
|
||||
## <p>
|
||||
## Execute FUSEFS files in a specified domain.
|
||||
## </p>
|
||||
## <p>
|
||||
## No interprocess communication (signals, pipes,
|
||||
## etc.) is provided by this interface since
|
||||
## the domains are not owned by this module.
|
||||
## </p>
|
||||
## </desc>
|
||||
## <param name="source_domain">
|
||||
## <summary>
|
||||
## Domain allowed to transition.
|
||||
## </summary>
|
||||
## </param>
|
||||
## <param name="target_domain">
|
||||
## <summary>
|
||||
## Domain to transition to.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`fs_fusefs_domtrans',`
|
||||
gen_require(`
|
||||
type fusefs_t;
|
||||
')
|
||||
|
||||
domain_auto_transition_pattern($1, fusefs_t, $2)
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Search directories
|
||||
|
|
@ -2500,6 +2570,25 @@ interface(`fs_read_fusefs_symlinks',`
|
|||
read_lnk_files_pattern($1, fusefs_t, fusefs_t)
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Manage symlinks on a FUSEFS filesystem.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </param>
|
||||
## <rolecap/>
|
||||
#
|
||||
interface(`fs_manage_fusefs_symlinks',`
|
||||
gen_require(`
|
||||
type fusefs_t;
|
||||
')
|
||||
|
||||
manage_lnk_files_pattern($1, fusefs_t, fusefs_t)
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Get the attributes of an hugetlbfs
|
||||
|
|
|
|||
Loading…
Reference in New Issue