# $Id: daemontools.fc,v 1.2 2003/12/01 10:51:43 peter Exp $ # # author Petre Rodan # # get the latest version of this file from # http://team.rav.ro/peter/policy.tar.gz # /var/service/.* system_u:object_r:svc_svc_t # symlinks to /var/service/* /service(/.*)? system_u:object_r:svc_svc_t # supervise scripts /usr/bin/svc-add system_u:object_r:svc_script_exec_t /usr/bin/svc-isdown system_u:object_r:svc_script_exec_t /usr/bin/svc-isup system_u:object_r:svc_script_exec_t /usr/bin/svc-remove system_u:object_r:svc_script_exec_t /usr/bin/svc-start system_u:object_r:svc_script_exec_t /usr/bin/svc-status system_u:object_r:svc_script_exec_t /usr/bin/svc-stop system_u:object_r:svc_script_exec_t /usr/bin/svc-waitdown system_u:object_r:svc_script_exec_t /usr/bin/svc-waitup system_u:object_r:svc_script_exec_t # supervise init binaries # these programs read/write to /service/*/supervise/* and /service/*/log/supervise/* /usr/bin/svc system_u:object_r:svc_start_exec_t /usr/bin/svscan system_u:object_r:svc_start_exec_t /usr/bin/svscanboot system_u:object_r:svc_start_exec_t /usr/bin/svok system_u:object_r:svc_start_exec_t /usr/bin/svstat system_u:object_r:svc_start_exec_t /usr/bin/supervise system_u:object_r:svc_start_exec_t # starting scripts /var/service/.*/run.* system_u:object_r:svc_run_exec_t /var/service/.*/log/run system_u:object_r:svc_run_exec_t # programs that impose a given environment to daemons /usr/bin/softlimit system_u:object_r:svc_run_exec_t /usr/bin/setuidgid system_u:object_r:svc_run_exec_t /usr/bin/envuidgid system_u:object_r:svc_run_exec_t /usr/bin/envdir system_u:object_r:svc_run_exec_t /usr/bin/setlock system_u:object_r:svc_run_exec_t # helper programs /usr/bin/fghack system_u:object_r:svc_run_exec_t /usr/bin/pgrphack system_u:object_r:svc_run_exec_t # daemontools logger # writes to service/*/log/main/ and /var/log/*/ /usr/bin/multilog system_u:object_r:svc_multilog_exec_t # configurations /var/service/.*/env(/.*)? system_u:object_r:svc_conf_t # log /var/service/.*/log/main(/.*)? system_u:object_r:svc_log_t