selinux-refpolicy/policy/modules/services/mon.if

38 lines
716 B
Plaintext

## <summary>mon network monitoring daemon.</summary>
######################################
## <summary>
## dontaudit using an inherited fd from mon_t
## </summary>
## <param name="domain">
## <summary>
## Domain to not audit
## </summary>
## </param>
#
interface(`mon_dontaudit_use_fds',`
gen_require(`
type mon_t;
')
dontaudit $1 mon_t:fd use;
')
######################################
## <summary>
## dontaudit searching /var/lib/mon
## </summary>
## <param name="domain">
## <summary>
## Domain to not audit
## </summary>
## </param>
#
interface(`mon_dontaudit_search_var_lib',`
gen_require(`
type mon_var_lib_t;
')
dontaudit $1 mon_var_lib_t:dir search;
')