nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
60a3d5af67
selinux-refpolicy/policy/modules/services/knot.if
Markus Linnala 9127219358 policy: interfaces: doc: indent param blocks consistently 
There is more than 5000 parameter documentations. Only about 300 are
differently done. Change them to be consistently indented.

param with one space
and content inside with one tab

This was done with:

sed -ri '
/^##[[:space:]]*<param/,/^##[[:space:]]*<[/]param>/{
	s/^##[[:space:]]*/##\t/;
	s/^##[[:space:]]*(<[/]?summary)/##\t\1/;
	s/^##[[:space:]]*(<[/]?param)/## \1/;
}' policy/modules/*/*.if

Signed-off-by: Markus Linnala <Markus.Linnala@cybercom.com>
2021-07-02 12:19:25 +03:00

109 lines
2.2 KiB
Plaintext
Raw Blame History

## <summary>high-performance authoritative-only DNS server.</summary>
########################################
## <summary>
## Execute knotc in the knotc domain.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed to transition.
## </summary>
## </param>
#
interface(`knot_domtrans_client',`
gen_require(`
type knotc_t, knotc_exec_t;
')
corecmd_search_bin($1)
domtrans_pattern($1, knotc_exec_t, knotc_t)
')
########################################
## <summary>
## Execute knotc in the knotc domain, and
## allow the specified role the knotc domain.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
## <summary>
## Role allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`knot_run_client',`
gen_require(`
attribute_role knot_roles;
')
knot_domtrans_client($1)
roleattribute $2 knot_roles;
')
########################################
## <summary>
## Read knot config files.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`knot_read_config_files',`
gen_require(`
type knot_conf_t;
')
read_files_pattern($1, knot_conf_t, knot_conf_t)
files_search_etc($1)
')
########################################
## <summary>
## All of the rules required to
## administrate an knot environment.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <param name="role">
## <summary>
## Role allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`knot_admin',`
gen_require(`
type knotc_t, knotd_t, knot_conf_t, knot_initrc_exec_t;
type knot_runtime_t, knot_tmp_t, knot_var_lib_t;
')
allow $1 knotc_t:process signal_perms;
allow $1 knotd_t:process { ptrace signal_perms };
ps_process_pattern($1, knotc_t)
ps_process_pattern($1, knotd_t)
init_startstop_service($1, $2, knotd_t, knot_initrc_exec_t)
files_search_etc($1)
admin_pattern($1, knot_conf_t)
files_search_runtime($1)
admin_pattern($1, knot_runtime_t)
files_search_tmp($1)
admin_pattern($1, knot_tmp_t)
files_search_var_lib($1)
admin_pattern($1, knot_var_lib_t)
')
Reference in New Issue View Git Blame Copy Permalink