## Clustered Database based on Samba Trivial Database. ######################################## ## ## Create, read, write, and delete ## ctdbd lib files. ## ## ## ## Domain allowed access. ## ## # interface(`ctdbd_manage_lib_files',` gen_require(` type ctdbd_var_lib_t; ') files_search_var_lib($1) manage_files_pattern($1, ctdbd_var_lib_t, ctdbd_var_lib_t) ') ####################################### ## ## Connect to ctdbd with a unix ## domain stream socket. ## ## ## ## Domain allowed access. ## ## # interface(`ctdbd_stream_connect',` gen_require(` type ctdbd_t, ctdbd_runtime_t, ctdbd_tmp_t; ') files_search_runtime($1) stream_connect_pattern($1, { ctdbd_tmp_t ctdbd_runtime_t }, { ctdbd_tmp_t ctdbd_runtime_t }, ctdbd_t) ') ######################################## ## ## All of the rules required to ## administrate an ctdb environment. ## ## ## ## Domain allowed access. ## ## ## ## ## Role allowed access. ## ## ## # interface(`ctdb_admin',` gen_require(` type ctdbd_t, ctdbd_initrc_exec_t, ctdbd_tmp_t; type ctdbd_log_t, ctdbd_var_lib_t, ctdbd_runtime_t; ') allow $1 ctdbd_t:process { ptrace signal_perms }; ps_process_pattern($1, ctdbd_t) init_startstop_service($1, $2, ctdbd_t, ctdbd_initrc_exec_t) logging_search_logs($1) admin_pattern($1, ctdbd_log_t) files_search_tmp($1) admin_pattern($1, ctdbd_tmp_t) files_search_var_lib($1) admin_pattern($1, ctdbd_var_lib_t) files_search_runtime($1) admin_pattern($1, ctdbd_runtime_t) ')