9127219358
There is more than 5000 parameter documentations. Only about 300 are
differently done. Change them to be consistently indented.
param with one space
and content inside with one tab
This was done with:
sed -ri '
/^##[[:space:]]*<param/,/^##[[:space:]]*<[/]param>/{
s/^##[[:space:]]*/##\t/;
s/^##[[:space:]]*(<[/]?summary)/##\t\1/;
s/^##[[:space:]]*(<[/]?param)/## \1/;
}' policy/modules/*/*.if
Signed-off-by: Markus Linnala <Markus.Linnala@cybercom.com>
116 lines
2.3 KiB
Plaintext
116 lines
2.3 KiB
Plaintext
## <summary>Service for reporting kernel oopses to kerneloops.org.</summary>
|
|
|
|
########################################
|
|
## <summary>
|
|
## Execute a domain transition to run kerneloops.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed to transition.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`kerneloops_domtrans',`
|
|
gen_require(`
|
|
type kerneloops_t, kerneloops_exec_t;
|
|
')
|
|
|
|
corecmd_search_bin($1)
|
|
domtrans_pattern($1, kerneloops_exec_t, kerneloops_t)
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Send and receive messages from
|
|
## kerneloops over dbus.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`kerneloops_dbus_chat',`
|
|
gen_require(`
|
|
type kerneloops_t;
|
|
class dbus send_msg;
|
|
')
|
|
|
|
allow $1 kerneloops_t:dbus send_msg;
|
|
allow kerneloops_t $1:dbus send_msg;
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Do not audit attempts to Send and
|
|
## receive messages from kerneloops
|
|
## over dbus.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain to not audit.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`kerneloops_dontaudit_dbus_chat',`
|
|
gen_require(`
|
|
type kerneloops_t;
|
|
class dbus send_msg;
|
|
')
|
|
|
|
dontaudit $1 kerneloops_t:dbus send_msg;
|
|
dontaudit kerneloops_t $1:dbus send_msg;
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Create, read, write, and delete
|
|
## kerneloops temporary files.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`kerneloops_manage_tmp_files',`
|
|
gen_require(`
|
|
type kerneloops_tmp_t;
|
|
')
|
|
|
|
files_search_tmp($1)
|
|
allow $1 kerneloops_tmp_t:file manage_file_perms;
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## All of the rules required to
|
|
## administrate an kerneloops environment.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
## <param name="role">
|
|
## <summary>
|
|
## Role allowed access.
|
|
## </summary>
|
|
## </param>
|
|
## <rolecap/>
|
|
#
|
|
interface(`kerneloops_admin',`
|
|
gen_require(`
|
|
type kerneloops_t, kerneloops_initrc_exec_t;
|
|
type kerneloops_tmp_t;
|
|
')
|
|
|
|
allow $1 kerneloops_t:process { ptrace signal_perms };
|
|
ps_process_pattern($1, kerneloops_t)
|
|
|
|
init_startstop_service($1, $2, kerneloops_t, kerneloops_initrc_exec_t)
|
|
|
|
files_search_tmp($1)
|
|
admin_pattern($1, kerneloops_tmp_t)
|
|
')
|