Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 733261 Details for
Bug 793005
sec-policy/selinux-dcc-2.20210203-r1 fails to compile
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Last policy: Type enforcements
dcc.te (text/plain), 8.46 KB, created by
Graham E
on 2021-08-16 10:04:37 UTC
(
hide
)
Description:
Last policy: Type enforcements
Filename:
MIME Type:
Creator:
Graham E
Created:
2021-08-16 10:04:37 UTC
Size:
8.46 KB
patch
obsolete
>policy_module(dcc, 1.17.0) > >######################################## ># ># Declarations ># > >attribute_role cdcc_roles; >roleattribute system_r cdcc_roles; > >attribute_role dcc_client_roles; >roleattribute system_r dcc_client_roles; > >attribute_role dcc_dbclean_roles; >roleattribute system_r dcc_dbclean_roles; > >type cdcc_t; >type cdcc_exec_t; >application_domain(cdcc_t, cdcc_exec_t) >role cdcc_roles types cdcc_t; > >type cdcc_tmp_t; >files_tmp_file(cdcc_tmp_t) > >type dcc_client_t; >type dcc_client_exec_t; >application_domain(dcc_client_t, dcc_client_exec_t) >role dcc_client_roles types dcc_client_t; > >type dcc_client_map_t; >files_type(dcc_client_map_t) > >type dcc_client_tmp_t; >files_tmp_file(dcc_client_tmp_t) > >type dcc_dbclean_t; >type dcc_dbclean_exec_t; >application_domain(dcc_dbclean_t, dcc_dbclean_exec_t) >role dcc_dbclean_roles types dcc_dbclean_t; > >type dcc_dbclean_tmp_t; >files_tmp_file(dcc_dbclean_tmp_t) > >type dcc_var_t; >files_type(dcc_var_t) > >type dcc_runtime_t; >files_type(dcc_runtime_t) > >type dccd_t; >type dccd_exec_t; >init_daemon_domain(dccd_t, dccd_exec_t) > >type dccd_tmp_t; >files_tmp_file(dccd_tmp_t) > >type dccd_runtime_t; >files_runtime_file(dccd_runtime_t) > >type dccifd_t; >type dccifd_exec_t; >init_daemon_domain(dccifd_t, dccifd_exec_t) > >type dccifd_runtime_t alias dccifd_var_run_t; >files_runtime_file(dccifd_runtime_t) > >type dccifd_tmp_t; >files_tmp_file(dccifd_tmp_t) > >type dccm_t; >type dccm_exec_t; >init_daemon_domain(dccm_t, dccm_exec_t) > >type dccm_runtime_t alias dccm_var_run_t; >files_runtime_file(dccm_runtime_t) > >type dccm_tmp_t; >files_tmp_file(dccm_tmp_t) > >######################################## ># ># Daemon controller local policy ># > >allow cdcc_t self:capability { setgid setuid }; > >manage_dirs_pattern(cdcc_t, cdcc_tmp_t, cdcc_tmp_t) >manage_files_pattern(cdcc_t, cdcc_tmp_t, cdcc_tmp_t) >files_tmp_filetrans(cdcc_t, cdcc_tmp_t, { file dir }) > >allow cdcc_t dcc_client_map_t:file rw_file_perms; > >allow cdcc_t dcc_var_t:dir list_dir_perms; >read_files_pattern(cdcc_t, dcc_var_t, dcc_var_t) >read_lnk_files_pattern(cdcc_t, dcc_var_t, dcc_var_t) > >files_read_etc_runtime_files(cdcc_t) > >auth_use_nsswitch(cdcc_t) > >logging_send_syslog_msg(cdcc_t) > >miscfiles_read_localization(cdcc_t) > >userdom_use_user_terminals(cdcc_t) > >######################################## ># ># Procmail interface local policy ># > >allow dcc_client_t self:capability { setgid setuid }; > >allow dcc_client_t dcc_client_map_t:file rw_file_perms; > >manage_dirs_pattern(dcc_client_t, dcc_client_tmp_t, dcc_client_tmp_t) >manage_files_pattern(dcc_client_t, dcc_client_tmp_t, dcc_client_tmp_t) >files_tmp_filetrans(dcc_client_t, dcc_client_tmp_t, { file dir }) > >allow dcc_client_t dcc_var_t:dir list_dir_perms; >manage_files_pattern(dcc_client_t, dcc_var_t, dcc_var_t) >read_lnk_files_pattern(dcc_client_t, dcc_var_t, dcc_var_t) > >kernel_read_system_state(dcc_client_t) > >files_read_etc_runtime_files(dcc_client_t) > >fs_getattr_all_fs(dcc_client_t) > >auth_use_nsswitch(dcc_client_t) > >logging_send_syslog_msg(dcc_client_t) > >miscfiles_read_localization(dcc_client_t) > >userdom_use_user_terminals(dcc_client_t) > >optional_policy(` > amavis_read_spool_files(dcc_client_t) >') > >optional_policy(` > spamassassin_read_spamd_tmp_files(dcc_client_t) >') > >######################################## ># ># Database cleanup local policy ># > >allow dcc_dbclean_t dcc_client_map_t:file rw_file_perms; > >manage_dirs_pattern(dcc_dbclean_t, dcc_dbclean_tmp_t, dcc_dbclean_tmp_t) >manage_files_pattern(dcc_dbclean_t, dcc_dbclean_tmp_t, dcc_dbclean_tmp_t) >files_tmp_filetrans(dcc_dbclean_t, dcc_dbclean_tmp_t, { file dir }) > >manage_dirs_pattern(dcc_dbclean_t, dcc_var_t, dcc_var_t) >manage_files_pattern(dcc_dbclean_t, dcc_var_t, dcc_var_t) >manage_lnk_files_pattern(dcc_dbclean_t, dcc_var_t, dcc_var_t) > >kernel_read_system_state(dcc_dbclean_t) > >files_read_etc_runtime_files(dcc_dbclean_t) > >auth_use_nsswitch(dcc_dbclean_t) > >logging_send_syslog_msg(dcc_dbclean_t) > >miscfiles_read_localization(dcc_dbclean_t) > >userdom_use_user_terminals(dcc_dbclean_t) > >######################################## ># ># Server local policy ># > >allow dccd_t self:capability net_admin; >dontaudit dccd_t self:capability sys_tty_config; >allow dccd_t self:process signal_perms; > >allow dccd_t dcc_client_map_t:file rw_file_perms; > >allow dccd_t dcc_var_t:dir list_dir_perms; >read_files_pattern(dccd_t, dcc_var_t, dcc_var_t) >read_lnk_files_pattern(dccd_t, dcc_var_t, dcc_var_t) > >domtrans_pattern(dccd_t, dcc_dbclean_exec_t, dcc_dbclean_t) > >manage_dirs_pattern(dccd_t, dcc_var_t, dcc_var_t) >manage_files_pattern(dccd_t, dcc_var_t, dcc_var_t) >manage_lnk_files_pattern(dccd_t, dcc_var_t, dcc_var_t) > >manage_dirs_pattern(dccd_t, dccd_tmp_t, dccd_tmp_t) >manage_files_pattern(dccd_t, dccd_tmp_t, dccd_tmp_t) >files_tmp_filetrans(dccd_t, dccd_tmp_t, { file dir }) > >manage_dirs_pattern(dccd_t, dccd_runtime_t, dccd_runtime_t) >manage_files_pattern(dccd_t, dccd_runtime_t, dccd_runtime_t) >files_runtime_filetrans(dccd_t, dccd_runtime_t, { dir file }) > >kernel_read_system_state(dccd_t) >kernel_read_kernel_sysctls(dccd_t) > >corenet_all_recvfrom_netlabel(dccd_t) >corenet_udp_sendrecv_generic_if(dccd_t) >corenet_udp_sendrecv_generic_node(dccd_t) >corenet_udp_bind_generic_node(dccd_t) > >corenet_udp_bind_dcc_port(dccd_t) >corenet_sendrecv_dcc_server_packets(dccd_t) > >corecmd_search_bin(dccd_t) > >dev_read_sysfs(dccd_t) > >domain_use_interactive_fds(dccd_t) > >files_read_etc_runtime_files(dccd_t) > >fs_getattr_all_fs(dccd_t) >fs_search_auto_mountpoints(dccd_t) > >auth_use_nsswitch(dccd_t) > >logging_send_syslog_msg(dccd_t) > >miscfiles_read_localization(dccd_t) > >userdom_dontaudit_use_unpriv_user_fds(dccd_t) >userdom_dontaudit_search_user_home_dirs(dccd_t) > >optional_policy(` > seutil_sigchld_newrole(dccd_t) >') > >######################################## ># ># Spamassassin and general MTA persistent client local policy ># > >dontaudit dccifd_t self:capability sys_tty_config; >allow dccifd_t self:process signal_perms; >allow dccifd_t self:unix_stream_socket { accept listen }; > >allow dccifd_t dcc_client_map_t:file rw_file_perms; > >manage_dirs_pattern(dccifd_t, dcc_var_t, dcc_var_t) >manage_files_pattern(dccifd_t, dcc_var_t, dcc_var_t) >manage_lnk_files_pattern(dccifd_t, dcc_var_t, dcc_var_t) >manage_fifo_files_pattern(dccifd_t, dcc_var_t, dcc_var_t) >manage_sock_files_pattern(dccifd_t, dcc_var_t, dcc_var_t) > >manage_dirs_pattern(dccifd_t, dccifd_tmp_t, dccifd_tmp_t) >manage_files_pattern(dccifd_t, dccifd_tmp_t, dccifd_tmp_t) >files_tmp_filetrans(dccifd_t, dccifd_tmp_t, { file dir }) > >manage_files_pattern(dccifd_t, dccifd_runtime_t, dccifd_runtime_t) >manage_sock_files_pattern(dccifd_t, dccifd_runtime_t, dccifd_runtime_t) >filetrans_pattern(dccifd_t, dcc_var_t, dccifd_runtime_t, { file sock_file }) >files_runtime_filetrans(dccifd_t, dccifd_runtime_t, file) > >kernel_read_system_state(dccifd_t) >kernel_read_kernel_sysctls(dccifd_t) > >dev_read_sysfs(dccifd_t) > >domain_use_interactive_fds(dccifd_t) > >files_read_etc_runtime_files(dccifd_t) > >fs_getattr_all_fs(dccifd_t) >fs_search_auto_mountpoints(dccifd_t) > >auth_use_nsswitch(dccifd_t) > >logging_send_syslog_msg(dccifd_t) > >miscfiles_read_localization(dccifd_t) > >userdom_dontaudit_use_unpriv_user_fds(dccifd_t) >userdom_dontaudit_search_user_home_dirs(dccifd_t) > >optional_policy(` > seutil_sigchld_newrole(dccifd_t) >') > >######################################## ># ># Sendmail milter client local policy ># > >dontaudit dccm_t self:capability sys_tty_config; >allow dccm_t self:process signal_perms; >allow dccm_t self:unix_stream_socket { accept listen }; > >allow dccm_t dcc_client_map_t:file rw_file_perms; > >manage_dirs_pattern(dccm_t, dcc_var_t, dcc_var_t) >manage_files_pattern(dccm_t, dcc_var_t, dcc_var_t) >manage_lnk_files_pattern(dccm_t, dcc_var_t, dcc_var_t) >manage_fifo_files_pattern(dccm_t, dcc_var_t, dcc_var_t) >manage_sock_files_pattern(dccm_t, dcc_var_t, dcc_var_t) > >manage_dirs_pattern(dccm_t, dccm_tmp_t, dccm_tmp_t) >manage_files_pattern(dccm_t, dccm_tmp_t, dccm_tmp_t) >files_tmp_filetrans(dccm_t, dccm_tmp_t, { file dir }) > >manage_files_pattern(dccm_t, dccm_runtime_t, dccm_runtime_t) >manage_sock_files_pattern(dccm_t, dccm_runtime_t, dccm_runtime_t) >filetrans_pattern(dccm_t, dcc_runtime_t, dccm_runtime_t, { file sock_file }) >files_runtime_filetrans(dccm_t, dccm_runtime_t, file) > >kernel_read_system_state(dccm_t) >kernel_read_kernel_sysctls(dccm_t) > >dev_read_sysfs(dccm_t) > >domain_use_interactive_fds(dccm_t) > >files_read_etc_runtime_files(dccm_t) > >fs_getattr_all_fs(dccm_t) >fs_search_auto_mountpoints(dccm_t) > >auth_use_nsswitch(dccm_t) > >logging_send_syslog_msg(dccm_t) > >miscfiles_read_localization(dccm_t) > >userdom_dontaudit_use_unpriv_user_fds(dccm_t) >userdom_dontaudit_search_user_home_dirs(dccm_t) > >optional_policy(` > seutil_sigchld_newrole(dccm_t) >') >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=733261">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 793005
:
712509
|
733255
|
733258
| 733261
