Merge branch 'systemd-rfkill' of git://github.com/fishilico/selinux-refpolicy
This commit is contained in:
Chris PeBenito
commit
65ce8b6df1
@ -28,6 +28,7 @@
|
||||
/usr/lib/systemd/systemd-machined -- gen_context(system_u:object_r:systemd_machined_exec_t,s0)
|
||||
/usr/lib/systemd/systemd-networkd -- gen_context(system_u:object_r:systemd_networkd_exec_t,s0)
|
||||
/usr/lib/systemd/systemd-resolved -- gen_context(system_u:object_r:systemd_resolved_exec_t,s0)
|
||||
/usr/lib/systemd/systemd-rfkill -- gen_context(system_u:object_r:systemd_rfkill_exec_t,s0)
|
||||
/usr/lib/systemd/systemd-update-done -- gen_context(system_u:object_r:systemd_update_done_exec_t,s0)
|
||||
/usr/lib/systemd/systemd-user-sessions -- gen_context(system_u:object_r:systemd_sessions_exec_t,s0)
|
||||
|
||||
@ -42,10 +43,12 @@
|
||||
/usr/lib/systemd/system/systemd-backlight.* -- gen_context(system_u:object_r:systemd_backlight_unit_t,s0)
|
||||
/usr/lib/systemd/system/systemd-binfmt.* -- gen_context(system_u:object_r:systemd_binfmt_unit_t,s0)
|
||||
/usr/lib/systemd/system/systemd-networkd.* gen_context(system_u:object_r:systemd_networkd_unit_t,s0)
|
||||
/usr/lib/systemd/system/systemd-rfkill.* -- gen_context(system_u:object_r:systemd_rfkill_unit_t,s0)
|
||||
|
||||
/var/lib/systemd/backlight(/.*)? gen_context(system_u:object_r:systemd_backlight_var_lib_t,s0)
|
||||
/var/lib/systemd/coredump(/.*)? gen_context(system_u:object_r:systemd_coredump_var_lib_t,s0)
|
||||
/var/lib/systemd/linger(/.*)? gen_context(system_u:object_r:systemd_logind_var_lib_t,s0)
|
||||
/var/lib/systemd/rfkill(/.*)? gen_context(system_u:object_r:systemd_rfkill_var_lib_t,s0)
|
||||
|
||||
/run/\.nologin[^/]* -- gen_context(system_u:object_r:systemd_sessions_var_run_t,s0)
|
||||
/run/nologin -- gen_context(system_u:object_r:systemd_sessions_var_run_t,s0)
|
||||
|
||||
@ -166,6 +166,16 @@ init_system_domain(systemd_passwd_agent_t, systemd_passwd_agent_exec_t)
|
||||
type systemd_passwd_var_run_t;
|
||||
files_pid_file(systemd_passwd_var_run_t)
|
||||
|
||||
type systemd_rfkill_t;
|
||||
type systemd_rfkill_exec_t;
|
||||
init_daemon_domain(systemd_rfkill_t, systemd_rfkill_exec_t)
|
||||
|
||||
type systemd_rfkill_unit_t;
|
||||
init_unit_file(systemd_rfkill_unit_t)
|
||||
|
||||
type systemd_rfkill_var_lib_t;
|
||||
files_type(systemd_rfkill_var_lib_t)
|
||||
|
||||
type systemd_sessions_t;
|
||||
type systemd_sessions_exec_t;
|
||||
init_system_domain(systemd_sessions_t, systemd_sessions_exec_t)
|
||||
@ -877,6 +887,27 @@ optional_policy(`
|
||||
')
|
||||
|
||||
|
||||
#######################################
|
||||
#
|
||||
# Rfkill local policy
|
||||
#
|
||||
|
||||
manage_dirs_pattern(systemd_rfkill_t, systemd_rfkill_var_lib_t, systemd_rfkill_var_lib_t)
|
||||
manage_files_pattern(systemd_rfkill_t, systemd_rfkill_var_lib_t, systemd_rfkill_var_lib_t)
|
||||
init_var_lib_filetrans(systemd_rfkill_t, systemd_rfkill_var_lib_t, dir)
|
||||
|
||||
dev_read_sysfs(systemd_rfkill_t)
|
||||
dev_rw_wireless(systemd_rfkill_t)
|
||||
|
||||
# Allow reading /etc/udev/udev.conf
|
||||
files_read_etc_files(systemd_rfkill_t)
|
||||
|
||||
# Allow reading /run/udev/data/+rfkill:rfkill0
|
||||
udev_read_pid_files(systemd_rfkill_t)
|
||||
|
||||
systemd_log_parse_environment(systemd_rfkill_t)
|
||||
|
||||
|
||||
#########################################
|
||||
#
|
||||
# Resolved local policy
|
||||
|
||||
Loading…
Reference in New Issue
Block a user