9127219358
There is more than 5000 parameter documentations. Only about 300 are
differently done. Change them to be consistently indented.
param with one space
and content inside with one tab
This was done with:
sed -ri '
/^##[[:space:]]*<param/,/^##[[:space:]]*<[/]param>/{
s/^##[[:space:]]*/##\t/;
s/^##[[:space:]]*(<[/]?summary)/##\t\1/;
s/^##[[:space:]]*(<[/]?param)/## \1/;
}' policy/modules/*/*.if
Signed-off-by: Markus Linnala <Markus.Linnala@cybercom.com>
151 lines
2.9 KiB
Plaintext
151 lines
2.9 KiB
Plaintext
## <summary>D-BUS service which runs odd jobs on behalf of client applications.</summary>
|
|
|
|
########################################
|
|
## <summary>
|
|
## Execute a domain transition to run oddjob.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed to transition.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`oddjob_domtrans',`
|
|
gen_require(`
|
|
type oddjob_t, oddjob_exec_t;
|
|
')
|
|
|
|
corecmd_search_bin($1)
|
|
domtrans_pattern($1, oddjob_exec_t, oddjob_t)
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Make the specified program domain
|
|
## accessible from the oddjob.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## The type of the process to transition to.
|
|
## </summary>
|
|
## </param>
|
|
## <param name="entrypoint">
|
|
## <summary>
|
|
## The type of the file used as an entrypoint to this domain.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`oddjob_system_entry',`
|
|
gen_require(`
|
|
type oddjob_t;
|
|
')
|
|
|
|
domtrans_pattern(oddjob_t, $2, $1)
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Send and receive messages from
|
|
## oddjob over dbus.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`oddjob_dbus_chat',`
|
|
gen_require(`
|
|
type oddjob_t;
|
|
class dbus send_msg;
|
|
')
|
|
|
|
allow $1 oddjob_t:dbus send_msg;
|
|
allow oddjob_t $1:dbus send_msg;
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Execute a domain transition to
|
|
## run oddjob mkhomedir.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed to transition.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`oddjob_domtrans_mkhomedir',`
|
|
gen_require(`
|
|
type oddjob_mkhomedir_t, oddjob_mkhomedir_exec_t;
|
|
')
|
|
|
|
corecmd_search_bin($1)
|
|
domtrans_pattern($1, oddjob_mkhomedir_exec_t, oddjob_mkhomedir_t)
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Execute oddjob mkhomedir in the
|
|
## oddjob mkhomedir domain and allow
|
|
## the specified role the oddjob
|
|
## mkhomedir domain.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed to transition.
|
|
## </summary>
|
|
## </param>
|
|
## <param name="role">
|
|
## <summary>
|
|
## Role allowed access.
|
|
## </summary>
|
|
## </param>
|
|
## <rolecap/>
|
|
#
|
|
interface(`oddjob_run_mkhomedir',`
|
|
gen_require(`
|
|
attribute_role oddjob_mkhomedir_roles;
|
|
')
|
|
|
|
oddjob_domtrans_mkhomedir($1)
|
|
roleattribute $2 oddjob_mkhomedir_roles;
|
|
')
|
|
|
|
#####################################
|
|
## <summary>
|
|
## Do not audit attempts to read and write
|
|
## oddjob fifo files.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain to not audit.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`oddjob_dontaudit_rw_fifo_files',`
|
|
gen_require(`
|
|
type oddjob_t;
|
|
')
|
|
|
|
dontaudit $1 oddjob_t:fifo_file rw_fifo_file_perms;
|
|
')
|
|
|
|
######################################
|
|
## <summary>
|
|
## Send child terminated signals to oddjob.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`oddjob_sigchld',`
|
|
gen_require(`
|
|
type oddjob_t;
|
|
')
|
|
|
|
allow $1 oddjob_t:process sigchld;
|
|
')
|