nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
242e371ac2
selinux-refpolicy/policy/modules/services/zabbix.if
Markus Linnala 9127219358 policy: interfaces: doc: indent param blocks consistently 
There is more than 5000 parameter documentations. Only about 300 are
differently done. Change them to be consistently indented.

param with one space
and content inside with one tab

This was done with:

sed -ri '
/^##[[:space:]]*<param/,/^##[[:space:]]*<[/]param>/{
	s/^##[[:space:]]*/##\t/;
	s/^##[[:space:]]*(<[/]?summary)/##\t\1/;
	s/^##[[:space:]]*(<[/]?param)/## \1/;
}' policy/modules/*/*.if

Signed-off-by: Markus Linnala <Markus.Linnala@cybercom.com>
2021-07-02 12:19:25 +03:00

157 lines
3.2 KiB
Plaintext
Raw Blame History

## <summary>Distributed infrastructure monitoring.</summary>
########################################
## <summary>
## Execute a domain transition to run zabbix.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed to transition.
## </summary>
## </param>
#
interface(`zabbix_domtrans',`
gen_require(`
type zabbix_t, zabbix_exec_t;
')
corecmd_search_bin($1)
domtrans_pattern($1, zabbix_exec_t, zabbix_t)
')
########################################
## <summary>
## Connect to zabbit on the TCP network.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`zabbix_tcp_connect',`
gen_require(`
type zabbix_t;
')
corenet_sendrecv_zabbix_client_packets($1)
corenet_tcp_connect_zabbix_port($1)
corenet_tcp_recvfrom_labeled($1, zabbix_t)
')
########################################
## <summary>
## Read zabbix log files.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`zabbix_read_log',`
gen_require(`
type zabbix_log_t;
')
logging_search_logs($1)
read_files_pattern($1, zabbix_log_t, zabbix_log_t)
')
########################################
## <summary>
## Append zabbix log files.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`zabbix_append_log',`
gen_require(`
type zabbix_log_t;
')
logging_search_logs($1)
append_files_pattern($1, zabbix_log_t, zabbix_log_t)
')
########################################
## <summary>
## Read zabbix pid files. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`zabbix_read_pid_files',`
refpolicywarn(`$0($*) has been deprecated.')
')
########################################
## <summary>
## Connect to zabbix agent on the TCP network.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`zabbix_agent_tcp_connect',`
gen_require(`
type zabbix_t;
')
corenet_sendrecv_zabbix_agent_client_packets($1)
corenet_tcp_connect_zabbix_agent_port($1)
corenet_tcp_recvfrom_labeled($1, zabbix_t)
')
########################################
## <summary>
## All of the rules required to
## administrate an zabbix environment.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <param name="role">
## <summary>
## Role allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`zabbix_admin',`
gen_require(`
type zabbix_t, zabbix_agent_t, zabbix_log_t, zabbix_runtime_t;
type zabbix_initrc_exec_t, zabbix_agent_initrc_exec_t, zabbix_tmp_t;
type zabbix_tmpfs_t;
')
allow $1 { zabbix_t zabbix_agent_t }:process { ptrace signal_perms };
ps_process_pattern($1, { zabbix_t zabbix_agent_t })
init_startstop_service($1, $2, zabbix_t, zabbix_initrc_exec_t)
init_startstop_service($1, $2, zabbix_agent_t, zabbix_agent_initrc_exec_t)
logging_list_logs($1)
admin_pattern($1, zabbix_log_t)
files_list_runtime($1)
admin_pattern($1, zabbix_runtime_t)
files_list_tmp($1)
admin_pattern($1, zabbix_tmp_t)
fs_list_tmpfs($1)
admin_pattern($1, zabbix_tmpfs_t)
')
Reference in New Issue View Git Blame Copy Permalink