Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 322466 Details for
Bug 433084
selinux policy for rtorrent-0.8.9
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Module main rules
rtorrent.te (text/plain), 3.42 KB, created by
Vincent Brillault
on 2012-08-28 19:29:37 UTC
(
hide
)
Description:
Module main rules
Filename:
MIME Type:
Creator:
Vincent Brillault
Created:
2012-08-28 19:29:37 UTC
Size:
3.42 KB
patch
obsolete
>policy_module(rtorrent,1.0.0) > >require { > type user_t; > role user_r; > type sysadm_t; > role sysadm_r; >} > >######################################## ># ># Declarations ># > >## <desc> >## <p> >## Allow rtorrent to use dht. >## The correspondig port must be rtorrent_udp_port_t. >## </p> >## </desc> >gen_tunable(rtorrent_use_dht, true) > >## <desc> >## <p> >## Allow rtorrent to use rsync, for example in a hook. >## </p> >## </desc> >gen_tunable(rtorrent_use_rsync, false) > > ># Application >type rtorrent_t; >type rtorrent_exec_t; >userdom_user_application_domain(rtorrent_t, rtorrent_exec_t) > ># Conf (.rtorrent.rc): readable by rtorrent, manageable by user >type rtorrent_conf_t; >userdom_user_home_content(rtorrent_conf_t) > ># Session (.rtsession): manageable by rtorrent, readable by user >type rtorrent_session_t; >userdom_user_home_content(rtorrent_session_t) > ># Downloaded files: manageable by rtorrent, manageable by user >type rtorrent_download_t; >userdom_user_home_content(rtorrent_download_t) >files_mountpoint(rtorrent_download_t) > > >######################################## ># ># rtorrent local policy ># > ># First, need to access the /home/user directory >userdom_list_user_home_dirs(rtorrent_t) ># Seems to be needed for autocompletion in subdirectories >files_list_home(rtorrent_t) > ># No needs to modify the conf so read access >read_files_pattern(rtorrent_t, rtorrent_conf_t, rtorrent_conf_t) > ># Manage the session files >manage_dirs_pattern(rtorrent_t, rtorrent_session_t, rtorrent_session_t) >manage_files_pattern(rtorrent_t, rtorrent_session_t, rtorrent_session_t) > ># Manage the downloaded files >manage_dirs_pattern(rtorrent_t, rtorrent_download_t, rtorrent_download_t) >manage_files_pattern(rtorrent_t, rtorrent_download_t, rtorrent_download_t) > ># Check the remaining free space >fs_getattr_xattr_fs(rtorrent_t) > ># Enable rtorrent to transform unix time to local time >miscfiles_read_localization(rtorrent_t) > >#pty communication (interactive program) >userdom_use_user_ptys(rtorrent_t) > >domain_use_interactive_fds(rtorrent_t) > >files_read_etc_files(rtorrent_t) > >allow rtorrent_t self:process signal; > > >######################################## ># ># rtorrent networking policy ># > >## ports >type rtorrent_tcp_port_t; >corenet_port(rtorrent_tcp_port_t); > >type rtorrent_udp_port_t; >corenet_port(rtorrent_udp_port_t); >#portcon udp 6881 gen_context(system_u:object_r:rtorrent_udp_port_t,s0) > >sysnet_read_config(rtorrent_t) > >allow rtorrent_t self:netlink_route_socket r_netlink_socket_perms; >allow rtorrent_t self:tcp_socket create_stream_socket_perms; > >corenet_tcp_bind_generic_node(rtorrent_t) >corenet_tcp_connect_all_ports(rtorrent_t) >corenet_tcp_sendrecv_all_ports(rtorrent_t) > ># Listen on the ports given to rtorrent >allow rtorrent_t rtorrent_tcp_port_t:tcp_socket { name_bind send_msg recv_msg }; > > >######################################## ># ># rtorrent tunable policies ># > >tunable_policy(`rtorrent_use_dht',` > allow rtorrent_t rtorrent_udp_port_t:udp_socket { name_bind send_msg recv_msg }; > allow rtorrent_t self:udp_socket create_stream_socket_perms; > corenet_udp_bind_generic_node(rtorrent_t) >') > >tunable_policy(`rtorrent_use_rsync',` > corecmd_search_bin(rtorrent_t) > rsync_exec(rtorrent_t) > corenet_tcp_connect_rsync_port(rtorrent_t) > corenet_sendrecv_rsync_client_packets(rtorrent_t) > allow rtorrent_t self:unix_stream_socket { create connect write read }; >') > > > > >######################################## ># ># Need to be moved to the role modules ># > >rtorrent_admin(sysadm_t, sysadm_r) >rtorrent_role(user_r, user_t)
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 433084
: 322466 |
322468
|
322470
|
322472