109 lines
2.2 KiB
Plaintext
109 lines
2.2 KiB
Plaintext
## <summary>Init scripts for cloud VMs</summary>
|
|
|
|
########################################
|
|
## <summary>
|
|
## Create cloud-init runtime directory.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`cloudinit_create_runtime_dirs',`
|
|
gen_require(`
|
|
type cloud_init_runtime_t;
|
|
')
|
|
|
|
files_search_runtime($1)
|
|
allow $1 cloud_init_runtime_t:dir create_dir_perms;
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Write cloud-init runtime files.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`cloudinit_write_runtime_files',`
|
|
gen_require(`
|
|
type cloud_init_runtime_t;
|
|
')
|
|
|
|
files_search_runtime($1)
|
|
write_files_pattern($1, cloud_init_runtime_t, cloud_init_runtime_t)
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Create cloud-init runtime files.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`cloudinit_create_runtime_files',`
|
|
gen_require(`
|
|
type cloud_init_runtime_t;
|
|
')
|
|
|
|
files_search_runtime($1)
|
|
create_files_pattern($1, cloud_init_runtime_t, cloud_init_runtime_t)
|
|
')
|
|
|
|
#######################################
|
|
## <summary>
|
|
## Create files in /run with the type used for
|
|
## cloud-init runtime files.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
## <param name="object_class">
|
|
## <summary>
|
|
## The class of the object to be created.
|
|
## </summary>
|
|
## </param>
|
|
## <param name="name" optional="true">
|
|
## <summary>
|
|
## The name of the object being created.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`cloudinit_filetrans_runtime',`
|
|
gen_require(`
|
|
type cloud_init_runtime_t;
|
|
')
|
|
|
|
files_runtime_filetrans($1, cloud_init_runtime_t, $2, $3)
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Get the attribute of cloud-init state files.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`cloudinit_getattr_state_files',`
|
|
gen_require(`
|
|
type cloud_init_state_t;
|
|
')
|
|
|
|
files_search_var_lib($1)
|
|
allow $1 cloud_init_state_t:dir list_dir_perms;
|
|
allow $1 cloud_init_state_t:lnk_file read_lnk_file_perms;
|
|
allow $1 cloud_init_state_t:file getattr;
|
|
')
|