9127219358
There is more than 5000 parameter documentations. Only about 300 are differently done. Change them to be consistently indented. param with one space and content inside with one tab This was done with: sed -ri ' /^##[[:space:]]*<param/,/^##[[:space:]]*<[/]param>/{ s/^##[[:space:]]*/##\t/; s/^##[[:space:]]*(<[/]?summary)/##\t\1/; s/^##[[:space:]]*(<[/]?param)/## \1/; }' policy/modules/*/*.if Signed-off-by: Markus Linnala <Markus.Linnala@cybercom.com>
185 lines
3.5 KiB
Plaintext
185 lines
3.5 KiB
Plaintext
## <summary>ShoutCast compatible streaming media server.</summary>
|
|
|
|
########################################
|
|
## <summary>
|
|
## Execute a domain transition to run icecast.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed to transition.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`icecast_domtrans',`
|
|
gen_require(`
|
|
type icecast_t, icecast_exec_t;
|
|
')
|
|
|
|
corecmd_search_bin($1)
|
|
domtrans_pattern($1, icecast_exec_t, icecast_t)
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Send generic signals to icecast.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`icecast_signal',`
|
|
gen_require(`
|
|
type icecast_t;
|
|
')
|
|
|
|
allow $1 icecast_t:process signal;
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Execute icecast server in the icecast domain.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed to transition.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`icecast_initrc_domtrans',`
|
|
gen_require(`
|
|
type icecast_initrc_exec_t;
|
|
')
|
|
|
|
init_labeled_script_domtrans($1, icecast_initrc_exec_t)
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Read icecast pid files. (Deprecated)
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`icecast_read_pid_files',`
|
|
refpolicywarn(`$0($*) has been deprecated.')
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Create, read, write, and delete
|
|
## icecast pid files.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`icecast_manage_pid_files',`
|
|
gen_require(`
|
|
type icecast_runtime_t;
|
|
')
|
|
|
|
files_search_runtime($1)
|
|
manage_files_pattern($1, icecast_runtime_t, icecast_runtime_t)
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Read icecast log files.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
## <rolecap/>
|
|
#
|
|
interface(`icecast_read_log',`
|
|
gen_require(`
|
|
type icecast_log_t;
|
|
')
|
|
|
|
logging_search_logs($1)
|
|
read_files_pattern($1, icecast_log_t, icecast_log_t)
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Append icecast log files.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`icecast_append_log',`
|
|
gen_require(`
|
|
type icecast_log_t;
|
|
')
|
|
|
|
logging_search_logs($1)
|
|
append_files_pattern($1, icecast_log_t, icecast_log_t)
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Create, read, write, and delete
|
|
## icecast log files.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allow access.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`icecast_manage_log',`
|
|
gen_require(`
|
|
type icecast_log_t;
|
|
')
|
|
|
|
logging_search_logs($1)
|
|
manage_files_pattern($1, icecast_log_t, icecast_log_t)
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## All of the rules required to
|
|
## administrate an icecast environment.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
## <param name="role">
|
|
## <summary>
|
|
## Role allowed access.
|
|
## </summary>
|
|
## </param>
|
|
## <rolecap/>
|
|
#
|
|
interface(`icecast_admin',`
|
|
gen_require(`
|
|
type icecast_t, icecast_initrc_exec_t, icecast_log_t;
|
|
type icecast_runtime_t;
|
|
')
|
|
|
|
init_startstop_service($1, $2, icecast_t, icecast_initrc_exec_t)
|
|
|
|
allow $1 icecast_t:process { ptrace signal_perms };
|
|
ps_process_pattern($1, icecast_t)
|
|
|
|
logging_search_logs($1)
|
|
admin_pattern($1, icecast_log_t)
|
|
|
|
files_search_runtime($1)
|
|
admin_pattern($1, icecast_runtime_t)
|
|
')
|