3c7cec58a2
* reorder file contexts * rename getty_var_run_t into getty_runtime_t and getty_etc_t into getty_conf_t * remove unneeded and confusing init permissions * delete access on generic pids * remove invalid etc filetrans: getty has no create permissions for its config files * restrict logfile access
13 lines
575 B
Plaintext
13 lines
575 B
Plaintext
/etc/mgetty(/.*)? gen_context(system_u:object_r:getty_conf_t,s0)
|
|
|
|
/run/mgetty\.pid.* -- gen_context(system_u:object_r:getty_runtime_t,s0)
|
|
/run/agetty\.reload -- gen_context(system_u:object_r:getty_runtime_t,s0)
|
|
|
|
/usr/sbin/.*getty -- gen_context(system_u:object_r:getty_exec_t,s0)
|
|
|
|
/var/log/mgetty\.log.* -- gen_context(system_u:object_r:getty_log_t,s0)
|
|
/var/log/vgetty\.log\..* -- gen_context(system_u:object_r:getty_log_t,s0)
|
|
|
|
/var/spool/fax(/.*)? gen_context(system_u:object_r:getty_runtime_t,s0)
|
|
/var/spool/voice(/.*)? gen_context(system_u:object_r:getty_runtime_t,s0)
|