29 lines
568 B
Plaintext
29 lines
568 B
Plaintext
|
|
policy_module(example,1.0.0) # a non-base module name must match the file name
|
|
|
|
########################################
|
|
#
|
|
# Declarations
|
|
#
|
|
|
|
type myapp_t;
|
|
type myapp_exec_t;
|
|
domain_type(myapp_t)
|
|
domain_entry_file(myapp_t, myapp_exec_t)
|
|
|
|
type myapp_log_t;
|
|
logging_log_file(myapp_log_t)
|
|
|
|
type myapp_tmp_t;
|
|
files_tmp_file(myapp_tmp_t)
|
|
|
|
########################################
|
|
#
|
|
# Myapp local policy
|
|
#
|
|
|
|
allow myapp_t myapp_log_t:file { append_file_perms read_file_perms };
|
|
|
|
allow myapp_t myapp_tmp_t:file manage_file_perms;
|
|
files_tmp_filetrans(myapp_t,myapp_tmp_t,file)
|