nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
242e371ac2
selinux-refpolicy/policy/modules/services/rwho.if
Markus Linnala 9127219358 policy: interfaces: doc: indent param blocks consistently 
There is more than 5000 parameter documentations. Only about 300 are
differently done. Change them to be consistently indented.

param with one space
and content inside with one tab

This was done with:

sed -ri '
/^##[[:space:]]*<param/,/^##[[:space:]]*<[/]param>/{
	s/^##[[:space:]]*/##\t/;
	s/^##[[:space:]]*(<[/]?summary)/##\t\1/;
	s/^##[[:space:]]*(<[/]?param)/## \1/;
}' policy/modules/*/*.if

Signed-off-by: Markus Linnala <Markus.Linnala@cybercom.com>
2021-07-02 12:19:25 +03:00

153 lines
2.8 KiB
Plaintext
Raw Blame History

## <summary>Who is logged in on other machines?</summary>
########################################
## <summary>
## Execute a domain transition to run rwho.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed to transition.
## </summary>
## </param>
#
interface(`rwho_domtrans',`
gen_require(`
type rwho_t, rwho_exec_t;
')
corecmd_search_bin($1)
domtrans_pattern($1, rwho_exec_t, rwho_t)
')
########################################
## <summary>
## Search rwho log directories.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`rwho_search_log',`
gen_require(`
type rwho_log_t;
')
logging_search_logs($1)
allow $1 rwho_log_t:dir search_dir_perms;
')
########################################
## <summary>
## Read rwho log files.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`rwho_read_log_files',`
gen_require(`
type rwho_log_t;
')
logging_search_logs($1)
allow $1 rwho_log_t:dir list_dir_perms;
allow $1 rwho_log_t:file read_file_perms;
')
########################################
## <summary>
## Search rwho spool directories.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`rwho_search_spool',`
gen_require(`
type rwho_spool_t;
')
files_search_spool($1)
allow $1 rwho_spool_t:dir search_dir_perms;
')
########################################
## <summary>
## Read rwho spool files.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`rwho_read_spool_files',`
gen_require(`
type rwho_spool_t;
')
files_search_spool($1)
read_files_pattern($1, rwho_spool_t, rwho_spool_t)
')
########################################
## <summary>
## Create, read, write, and delete
## rwho spool files.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`rwho_manage_spool_files',`
gen_require(`
type rwho_spool_t;
')
files_search_spool($1)
manage_files_pattern($1, rwho_spool_t, rwho_spool_t)
')
########################################
## <summary>
## All of the rules required to
## administrate an rwho environment.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <param name="role">
## <summary>
## Role allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`rwho_admin',`
gen_require(`
type rwho_t, rwho_log_t, rwho_spool_t;
type rwho_initrc_exec_t;
')
allow $1 rwho_t:process { ptrace signal_perms };
ps_process_pattern($1, rwho_t)
init_startstop_service($1, $2, rwho_t, rwho_initrc_exec_t)
logging_list_logs($1)
admin_pattern($1, rwho_log_t)
files_list_spool($1)
admin_pattern($1, rwho_spool_t)
')
Reference in New Issue View Git Blame Copy Permalink