nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
60a3d5af67
selinux-refpolicy/policy/modules/services/aisexec.if
Markus Linnala 9127219358 policy: interfaces: doc: indent param blocks consistently 
There is more than 5000 parameter documentations. Only about 300 are
differently done. Change them to be consistently indented.

param with one space
and content inside with one tab

This was done with:

sed -ri '
/^##[[:space:]]*<param/,/^##[[:space:]]*<[/]param>/{
	s/^##[[:space:]]*/##\t/;
	s/^##[[:space:]]*(<[/]?summary)/##\t\1/;
	s/^##[[:space:]]*(<[/]?param)/## \1/;
}' policy/modules/*/*.if

Signed-off-by: Markus Linnala <Markus.Linnala@cybercom.com>
2021-07-02 12:19:25 +03:00

105 lines
2.2 KiB
Plaintext
Raw Blame History

## <summary>Aisexec Cluster Engine.</summary>
########################################
## <summary>
## Execute a domain transition to run aisexec.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed to transition.
## </summary>
## </param>
#
interface(`aisexec_domtrans',`
gen_require(`
type aisexec_t, aisexec_exec_t;
')
corecmd_search_bin($1)
domtrans_pattern($1, aisexec_exec_t, aisexec_t)
')
#####################################
## <summary>
## Connect to aisexec over a unix
## stream socket.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`aisexec_stream_connect',`
gen_require(`
type aisexec_t, aisexec_runtime_t;
')
files_search_runtime($1)
stream_connect_pattern($1, aisexec_runtime_t, aisexec_runtime_t, aisexec_t)
')
#######################################
## <summary>
## Read aisexec log files content.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`aisexec_read_log',`
gen_require(`
type aisexec_var_log_t;
')
logging_search_logs($1)
list_dirs_pattern($1, aisexec_var_log_t, aisexec_var_log_t)
read_files_pattern($1, aisexec_var_log_t, aisexec_var_log_t)
')
######################################
## <summary>
## All of the rules required to
## administrate an aisexec environment.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <param name="role">
## <summary>
## Role allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`aisexecd_admin',`
gen_require(`
type aisexec_t, aisexec_var_lib_t, aisexec_var_log_t;
type aisexec_runtime_t, aisexec_tmp_t, aisexec_tmpfs_t;
type aisexec_initrc_exec_t;
')
allow $1 aisexec_t:process { ptrace signal_perms };
ps_process_pattern($1, aisexec_t)
init_startstop_service($1, $2, aisexec_t, aisexec_initrc_exec_t)
files_list_var_lib($1)
admin_pattern($1, aisexec_var_lib_t)
logging_list_logs($1)
admin_pattern($1, aisexec_var_log_t)
files_list_runtime($1)
admin_pattern($1, aisexec_runtime_t)
files_list_tmp($1)
admin_pattern($1, aisexec_tmp_t)
admin_pattern($1, aisexec_tmpfs_t)
')
Reference in New Issue View Git Blame Copy Permalink