Merge pull request #154 from pebenito/logind-user-tmp-rm
This commit is contained in:
Chris PeBenito
commit
ced5c5c71e
|
|
@ -527,6 +527,11 @@ userdom_delete_all_user_runtime_files(systemd_logind_t)
|
||||||
userdom_delete_all_user_runtime_named_pipes(systemd_logind_t)
|
userdom_delete_all_user_runtime_named_pipes(systemd_logind_t)
|
||||||
userdom_delete_all_user_runtime_named_sockets(systemd_logind_t)
|
userdom_delete_all_user_runtime_named_sockets(systemd_logind_t)
|
||||||
userdom_delete_all_user_runtime_symlinks(systemd_logind_t)
|
userdom_delete_all_user_runtime_symlinks(systemd_logind_t)
|
||||||
|
userdom_delete_user_tmp_dirs(systemd_logind_t)
|
||||||
|
userdom_delete_user_tmp_files(systemd_logind_t)
|
||||||
|
userdom_delete_user_tmp_symlinks(systemd_logind_t)
|
||||||
|
userdom_delete_user_tmp_named_pipes(systemd_logind_t)
|
||||||
|
userdom_delete_user_tmp_named_sockets(systemd_logind_t)
|
||||||
# user_tmp_t is for the dbus-1 directory
|
# user_tmp_t is for the dbus-1 directory
|
||||||
userdom_list_user_tmp(systemd_logind_t)
|
userdom_list_user_tmp(systemd_logind_t)
|
||||||
userdom_manage_user_runtime_dirs(systemd_logind_t)
|
userdom_manage_user_runtime_dirs(systemd_logind_t)
|
||||||
|
|
|
||||||
|
|
@ -2680,6 +2680,24 @@ interface(`userdom_dontaudit_list_user_tmp',`
|
||||||
dontaudit $1 user_tmp_t:dir list_dir_perms;
|
dontaudit $1 user_tmp_t:dir list_dir_perms;
|
||||||
')
|
')
|
||||||
|
|
||||||
|
########################################
|
||||||
|
## <summary>
|
||||||
|
## Delete users temporary directories.
|
||||||
|
## </summary>
|
||||||
|
## <param name="domain">
|
||||||
|
## <summary>
|
||||||
|
## Domain allowed access.
|
||||||
|
## </summary>
|
||||||
|
## </param>
|
||||||
|
#
|
||||||
|
interface(`userdom_delete_user_tmp_dirs',`
|
||||||
|
gen_require(`
|
||||||
|
type user_tmp_t;
|
||||||
|
')
|
||||||
|
|
||||||
|
delete_dirs_pattern($1, user_tmp_t, user_tmp_t)
|
||||||
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Do not audit attempts to manage users
|
## Do not audit attempts to manage users
|
||||||
|
|
@ -2797,6 +2815,24 @@ interface(`userdom_rw_user_tmp_files',`
|
||||||
userdom_search_user_runtime($1)
|
userdom_search_user_runtime($1)
|
||||||
')
|
')
|
||||||
|
|
||||||
|
########################################
|
||||||
|
## <summary>
|
||||||
|
## Delete users temporary files.
|
||||||
|
## </summary>
|
||||||
|
## <param name="domain">
|
||||||
|
## <summary>
|
||||||
|
## Domain allowed access.
|
||||||
|
## </summary>
|
||||||
|
## </param>
|
||||||
|
#
|
||||||
|
interface(`userdom_delete_user_tmp_files',`
|
||||||
|
gen_require(`
|
||||||
|
type user_tmp_t;
|
||||||
|
')
|
||||||
|
|
||||||
|
delete_files_pattern($1, user_tmp_t, user_tmp_t)
|
||||||
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Do not audit attempts to manage users
|
## Do not audit attempts to manage users
|
||||||
|
|
@ -2837,6 +2873,24 @@ interface(`userdom_read_user_tmp_symlinks',`
|
||||||
userdom_search_user_runtime($1)
|
userdom_search_user_runtime($1)
|
||||||
')
|
')
|
||||||
|
|
||||||
|
########################################
|
||||||
|
## <summary>
|
||||||
|
## Delete users temporary symbolic links.
|
||||||
|
## </summary>
|
||||||
|
## <param name="domain">
|
||||||
|
## <summary>
|
||||||
|
## Domain allowed access.
|
||||||
|
## </summary>
|
||||||
|
## </param>
|
||||||
|
#
|
||||||
|
interface(`userdom_delete_user_tmp_symlinks',`
|
||||||
|
gen_require(`
|
||||||
|
type user_tmp_t;
|
||||||
|
')
|
||||||
|
|
||||||
|
delete_lnk_files_pattern($1, user_tmp_t, user_tmp_t)
|
||||||
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Create, read, write, and delete user
|
## Create, read, write, and delete user
|
||||||
|
|
@ -2858,6 +2912,24 @@ interface(`userdom_manage_user_tmp_dirs',`
|
||||||
userdom_search_user_runtime($1)
|
userdom_search_user_runtime($1)
|
||||||
')
|
')
|
||||||
|
|
||||||
|
########################################
|
||||||
|
## <summary>
|
||||||
|
## Delete users temporary named pipes.
|
||||||
|
## </summary>
|
||||||
|
## <param name="domain">
|
||||||
|
## <summary>
|
||||||
|
## Domain allowed access.
|
||||||
|
## </summary>
|
||||||
|
## </param>
|
||||||
|
#
|
||||||
|
interface(`userdom_delete_user_tmp_named_pipes',`
|
||||||
|
gen_require(`
|
||||||
|
type user_tmp_t;
|
||||||
|
')
|
||||||
|
|
||||||
|
delete_fifo_files_pattern($1, user_tmp_t, user_tmp_t)
|
||||||
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Create, read, write, and delete user
|
## Create, read, write, and delete user
|
||||||
|
|
@ -2879,6 +2951,24 @@ interface(`userdom_manage_user_tmp_files',`
|
||||||
userdom_search_user_runtime($1)
|
userdom_search_user_runtime($1)
|
||||||
')
|
')
|
||||||
|
|
||||||
|
########################################
|
||||||
|
## <summary>
|
||||||
|
## Delete users temporary named sockets.
|
||||||
|
## </summary>
|
||||||
|
## <param name="domain">
|
||||||
|
## <summary>
|
||||||
|
## Domain allowed access.
|
||||||
|
## </summary>
|
||||||
|
## </param>
|
||||||
|
#
|
||||||
|
interface(`userdom_delete_user_tmp_named_sockets',`
|
||||||
|
gen_require(`
|
||||||
|
type user_tmp_t;
|
||||||
|
')
|
||||||
|
|
||||||
|
delete_sock_files_pattern($1, user_tmp_t, user_tmp_t)
|
||||||
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Create, read, write, and delete user
|
## Create, read, write, and delete user
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue