selinux/checkpolicy/fuzz/min_pol.conf

61 lines
1.4 KiB
Plaintext

class process
class blk_file
class chr_file
class dir
class fifo_file
class file
class lnk_file
class sock_file
sid kernel
sid security
sid unlabeled
sid fs
sid file
sid file_labels
sid init
sid any_socket
sid port
sid netif
sid netmsg
sid node
sid igmp_packet
sid icmp_socket
sid tcp_socket
sid sysctl_modprobe
sid sysctl
sid sysctl_fs
sid sysctl_kernel
sid sysctl_net
sid sysctl_net_unix
sid sysctl_vm
sid sysctl_dev
sid kmod
sid policy
sid scmp_packet
sid devnull
class process { dyntransition transition }
default_role { blk_file } source;
default_role { chr_file } source;
default_role { dir } source;
default_role { fifo_file } source;
default_role { file } source;
default_role { lnk_file } source;
default_role { sock_file } source;
type sys_isid;
typealias sys_isid alias { dpkg_script_t rpm_script_t };
allow sys_isid self : process { dyntransition transition };
role sys_role;
role sys_role types { sys_isid };
user sys_user roles sys_role;
sid kernel sys_user:sys_role:sys_isid
sid security sys_user:sys_role:sys_isid
sid unlabeled sys_user:sys_role:sys_isid
sid file sys_user:sys_role:sys_isid
sid port sys_user:sys_role:sys_isid
sid netif sys_user:sys_role:sys_isid
sid netmsg sys_user:sys_role:sys_isid
sid node sys_user:sys_role:sys_isid
sid devnull sys_user:sys_role:sys_isid
fs_use_trans devpts sys_user:sys_role:sys_isid;
fs_use_trans devtmpfs sys_user:sys_role:sys_isid;