# $Id: svc.fc,v 1.3 2003/11/28 12:24:24 peter Exp $ # # author Petre Rodan # # get the latest version of this file from # http://team.rav.ro/peter/policy.tar.gz # # supervise init binaries /usr/bin/svc system_u:object_r:svc_exec_t /usr/bin/svscan system_u:object_r:svc_exec_t /usr/bin/svscanboot system_u:object_r:svc_exec_t /usr/bin/supervise system_u:object_r:svc_exec_t /usr/bin/svok system_u:object_r:svc_exec_t /usr/bin/svstat system_u:object_r:svc_exec_t /usr/bin/fghack system_u:object_r:svc_exec_t /usr/bin/pgrphack system_u:object_r:svc_exec_t /usr/bin/readproctitle system_u:object_r:svc_exec_t /usr/bin/multilog system_u:object_r:svc_multilog_t /usr/bin/tai64n system_u:object_r:svc_tai64n_t /usr/bin/tai64nlocal system_u:object_r:svc_tai64nlocal_t /usr/bin/softlimit system_u:object_r:svc_softlimit_t /usr/bin/setuidgid system_u:object_r:svc_setuidgid_t /usr/bin/envuidgid system_u:object_r:svc_envuidgid_t /usr/bin/envdir system_u:object_r:svc_envdir_t /usr/bin/setlock system_u:object_r:svc_setlock_t # supervise scripts /usr/bin/svc-add system_u:object_r:svc_exec_t /usr/bin/svc-isdown system_u:object_r:svc_exec_t /usr/bin/svc-isup system_u:object_r:svc_exec_t /usr/bin/svc-remove system_u:object_r:svc_exec_t /usr/bin/svc-start system_u:object_r:svc_exec_t /usr/bin/svc-status system_u:object_r:svc_exec_t /usr/bin/svc-stop system_u:object_r:svc_exec_t /usr/bin/svc-waitdown system_u:object_r:svc_exec_t /usr/bin/svc-waitup system_u:object_r:svc_exec_t # services /var/service/.* system_u:object_r:svc_svc_t /var/service/.*/down system_u:object_r:svc_down_t /var/service/.*/supervise/control system_u:object_r:svc_control_t /var/service/.*/supervise/ok system_u:object_r:svc_ok_t /var/service/.*/supervise/lock system_u:object_r:svc_lock_t /var/service/.*/supervise/status system_u:object_r:svc_status_t /var/service/.*/log/status system_u:object_r:svc_logstatus_t # environment variables /var/service/.*/env(/.*)? system_u:object_r:svc_env_t # starting scripts /var/service/.*/run.* system_u:object_r:svc_run_t /var/service/.*/log/run system_u:object_r:svc_run_t # log /var/service/.*/log/main(/.*)? system_u:object_r:svc_log_t # symlinks /service(/.*)? system_u:object_r:svc_lnk_t