1 |
commit: 3149b5ee56dfe6c99fcc21df22c88cb118870dc6 |
2 |
Author: Jason Zaman <jason <AT> perfinion <DOT> com> |
3 |
AuthorDate: Tue Nov 25 04:53:23 2014 +0000 |
4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Feb 9 18:35:00 2015 +0000 |
6 |
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=3149b5ee |
7 |
|
8 |
Add all foo_admin interfaces to sysadm.te |
9 |
|
10 |
--- |
11 |
policy/modules/roles/sysadm.te | 867 ++++++++++++++++++++++++++++++++++++++++- |
12 |
1 file changed, 847 insertions(+), 20 deletions(-) |
13 |
|
14 |
diff --git a/policy/modules/roles/sysadm.te b/policy/modules/roles/sysadm.te |
15 |
index 91da175..195b5f3 100644 |
16 |
--- a/policy/modules/roles/sysadm.te |
17 |
+++ b/policy/modules/roles/sysadm.te |
18 |
@@ -485,52 +485,574 @@ ifdef(`distro_gentoo',` |
19 |
dev_read_cpuid(sysadm_t) |
20 |
|
21 |
optional_policy(` |
22 |
+ dracut_run(sysadm_t, sysadm_r) |
23 |
+ ') |
24 |
+ |
25 |
+ optional_policy(` |
26 |
+ fail2ban_run_client(sysadm_t, sysadm_r) |
27 |
+ ') |
28 |
+ |
29 |
+ optional_policy(` |
30 |
+ gorg_role(sysadm_r, sysadm_t) |
31 |
+ ') |
32 |
+ |
33 |
+ optional_policy(` |
34 |
+ mutt_role(sysadm_r, sysadm_t) |
35 |
+ ') |
36 |
+ |
37 |
+ optional_policy(` |
38 |
+ networkmanager_run_wpa_cli(sysadm_t, sysadm_r) |
39 |
+ ') |
40 |
+ |
41 |
+ optional_policy(` |
42 |
+ qemu_read_state(sysadm_t) |
43 |
+ qemu_signal(sysadm_t) |
44 |
+ qemu_kill(sysadm_t) |
45 |
+ qemu_setsched(sysadm_t) |
46 |
+ qemu_run(sysadm_t, sysadm_r) |
47 |
+ ') |
48 |
+ |
49 |
+ optional_policy(` |
50 |
+ # Support audit2allow, sepolgen and so on |
51 |
+ selinux_read_policy(sysadm_t) |
52 |
+ ') |
53 |
+ |
54 |
+ optional_policy(` |
55 |
+ vde_role(sysadm_r, sysadm_t) |
56 |
+ ') |
57 |
+ |
58 |
+ ######################################### |
59 |
+ # |
60 |
+ # Local sysadm_t admin interfaces |
61 |
+ # |
62 |
+ |
63 |
+ optional_policy(` |
64 |
+ abrt_admin(sysadm_t, sysadm_r) |
65 |
+ ') |
66 |
+ |
67 |
+ optional_policy(` |
68 |
+ accountsd_admin(sysadm_t, sysadm_r) |
69 |
+ ') |
70 |
+ |
71 |
+ optional_policy(` |
72 |
+ acct_admin(sysadm_t, sysadm_r) |
73 |
+ ') |
74 |
+ |
75 |
+ optional_policy(` |
76 |
+ afs_admin(sysadm_t, sysadm_r) |
77 |
+ ') |
78 |
+ |
79 |
+ optional_policy(` |
80 |
+ aiccu_admin(sysadm_t, sysadm_r) |
81 |
+ ') |
82 |
+ |
83 |
+ optional_policy(` |
84 |
+ aide_admin(sysadm_t, sysadm_r) |
85 |
+ ') |
86 |
+ |
87 |
+ optional_policy(` |
88 |
+ aisexecd_admin(sysadm_t, sysadm_r) |
89 |
+ ') |
90 |
+ |
91 |
+ optional_policy(` |
92 |
+ amavis_admin(sysadm_t, sysadm_r) |
93 |
+ ') |
94 |
+ |
95 |
+ optional_policy(` |
96 |
+ amtu_admin(sysadm_t, sysadm_r) |
97 |
+ ') |
98 |
+ |
99 |
+ optional_policy(` |
100 |
+ apache_admin(sysadm_t, sysadm_r) |
101 |
+ ') |
102 |
+ |
103 |
+ optional_policy(` |
104 |
+ apcupsd_admin(sysadm_t, sysadm_r) |
105 |
+ ') |
106 |
+ |
107 |
+ optional_policy(` |
108 |
+ apm_admin(sysadm_t, sysadm_r) |
109 |
+ ') |
110 |
+ |
111 |
+ optional_policy(` |
112 |
+ arpwatch_admin(sysadm_t, sysadm_r) |
113 |
+ ') |
114 |
+ |
115 |
+ optional_policy(` |
116 |
asterisk_admin(sysadm_t, sysadm_r) |
117 |
') |
118 |
|
119 |
optional_policy(` |
120 |
- bind_admin(sysadm_t, sysadm_r) |
121 |
+ automount_admin(sysadm_t, sysadm_r) |
122 |
+ ') |
123 |
+ |
124 |
+ optional_policy(` |
125 |
+ avahi_admin(sysadm_t, sysadm_r) |
126 |
+ ') |
127 |
+ |
128 |
+ optional_policy(` |
129 |
+ bacula_admin(sysadm_t, sysadm_r) |
130 |
+ ') |
131 |
+ |
132 |
+ optional_policy(` |
133 |
+ bacula_domtrans_admin(sysadm_t, sysadm_r) |
134 |
+ ') |
135 |
+ |
136 |
+ optional_policy(` |
137 |
+ bcfg2_admin(sysadm_t, sysadm_r) |
138 |
+ ') |
139 |
+ |
140 |
+ optional_policy(` |
141 |
+ bind_admin(sysadm_t, sysadm_r) |
142 |
+ ') |
143 |
+ |
144 |
+ optional_policy(` |
145 |
+ bird_admin(sysadm_t, sysadm_r) |
146 |
+ ') |
147 |
+ |
148 |
+ optional_policy(` |
149 |
+ bitlbee_admin(sysadm_t, sysadm_r) |
150 |
+ ') |
151 |
+ |
152 |
+ optional_policy(` |
153 |
+ bluetooth_admin(sysadm_t, sysadm_r) |
154 |
+ ') |
155 |
+ |
156 |
+ optional_policy(` |
157 |
+ boinc_admin(sysadm_t, sysadm_r) |
158 |
+ ') |
159 |
+ |
160 |
+ optional_policy(` |
161 |
+ bugzilla_admin(sysadm_t, sysadm_r) |
162 |
+ ') |
163 |
+ |
164 |
+ optional_policy(` |
165 |
+ cachefilesd_admin(sysadm_t, sysadm_r) |
166 |
+ ') |
167 |
+ |
168 |
+ optional_policy(` |
169 |
+ calamaris_admin(sysadm_t, sysadm_r) |
170 |
+ ') |
171 |
+ |
172 |
+ optional_policy(` |
173 |
+ callweaver_admin(sysadm_t, sysadm_r) |
174 |
+ ') |
175 |
+ |
176 |
+ optional_policy(` |
177 |
+ canna_admin(sysadm_t, sysadm_r) |
178 |
+ ') |
179 |
+ |
180 |
+ optional_policy(` |
181 |
+ ccs_admin(sysadm_t, sysadm_r) |
182 |
+ ') |
183 |
+ |
184 |
+ optional_policy(` |
185 |
+ certmaster_admin(sysadm_t, sysadm_r) |
186 |
+ ') |
187 |
+ |
188 |
+ optional_policy(` |
189 |
+ certmonger_admin(sysadm_t, sysadm_r) |
190 |
+ ') |
191 |
+ |
192 |
+ optional_policy(` |
193 |
+ cfengine_admin(sysadm_t, sysadm_r) |
194 |
+ ') |
195 |
+ |
196 |
+ optional_policy(` |
197 |
+ cgroup_admin(sysadm_t, sysadm_r) |
198 |
+ ') |
199 |
+ |
200 |
+ optional_policy(` |
201 |
+ chronyd_admin(sysadm_t, sysadm_r) |
202 |
+ ') |
203 |
+ |
204 |
+ optional_policy(` |
205 |
+ cipe_admin(sysadm_t, sysadm_r) |
206 |
+ ') |
207 |
+ |
208 |
+ optional_policy(` |
209 |
+ clamav_admin(sysadm_t, sysadm_r) |
210 |
+ ') |
211 |
+ |
212 |
+ optional_policy(` |
213 |
+ cmirrord_admin(sysadm_t, sysadm_r) |
214 |
+ ') |
215 |
+ |
216 |
+ optional_policy(` |
217 |
+ cobbler_admin(sysadm_t, sysadm_r) |
218 |
+ ') |
219 |
+ |
220 |
+ optional_policy(` |
221 |
+ collectd_admin(sysadm_t, sysadm_r) |
222 |
+ ') |
223 |
+ |
224 |
+ optional_policy(` |
225 |
+ condor_admin(sysadm_t, sysadm_r) |
226 |
+ ') |
227 |
+ |
228 |
+ optional_policy(` |
229 |
+ corosync_admin(sysadm_t, sysadm_r) |
230 |
+ ') |
231 |
+ |
232 |
+ optional_policy(` |
233 |
+ couchdb_admin(sysadm_t, sysadm_r) |
234 |
+ ') |
235 |
+ |
236 |
+ optional_policy(` |
237 |
+ ctdb_admin(sysadm_t, sysadm_r) |
238 |
+ ') |
239 |
+ |
240 |
+ optional_policy(` |
241 |
+ cups_admin(sysadm_t, sysadm_r) |
242 |
+ ') |
243 |
+ |
244 |
+ optional_policy(` |
245 |
+ cvs_admin(sysadm_t, sysadm_r) |
246 |
+ ') |
247 |
+ |
248 |
+ optional_policy(` |
249 |
+ cyphesis_admin(sysadm_t, sysadm_r) |
250 |
+ ') |
251 |
+ |
252 |
+ optional_policy(` |
253 |
+ cyrus_admin(sysadm_t, sysadm_r) |
254 |
+ ') |
255 |
+ |
256 |
+ optional_policy(` |
257 |
+ dante_admin(sysadm_t, sysadm_r) |
258 |
+ ') |
259 |
+ |
260 |
+ optional_policy(` |
261 |
+ ddclient_admin(sysadm_t, sysadm_r) |
262 |
+ ') |
263 |
+ |
264 |
+ optional_policy(` |
265 |
+ denyhosts_admin(sysadm_t, sysadm_r) |
266 |
+ ') |
267 |
+ |
268 |
+ optional_policy(` |
269 |
+ devicekit_admin(sysadm_t, sysadm_r) |
270 |
+ ') |
271 |
+ |
272 |
+ optional_policy(` |
273 |
+ dhcpd_admin(sysadm_t, sysadm_r) |
274 |
+ ') |
275 |
+ |
276 |
+ optional_policy(` |
277 |
+ dictd_admin(sysadm_t, sysadm_r) |
278 |
+ ') |
279 |
+ |
280 |
+ optional_policy(` |
281 |
+ dirmngr_admin(sysadm_t, sysadm_r) |
282 |
+ ') |
283 |
+ |
284 |
+ optional_policy(` |
285 |
+ distcc_admin(sysadm_t, sysadm_r) |
286 |
+ ') |
287 |
+ |
288 |
+ optional_policy(` |
289 |
+ dkim_admin(sysadm_t, sysadm_r) |
290 |
+ ') |
291 |
+ |
292 |
+ optional_policy(` |
293 |
+ # Bug 529208 |
294 |
+ dmesg_run(sysadm_t, sysadm_r) |
295 |
+ ') |
296 |
+ |
297 |
+ optional_policy(` |
298 |
+ dnsmasq_admin(sysadm_t, sysadm_r) |
299 |
+ ') |
300 |
+ |
301 |
+ optional_policy(` |
302 |
+ dnssectrigger_admin(sysadm_t, sysadm_r) |
303 |
+ ') |
304 |
+ |
305 |
+ optional_policy(` |
306 |
+ dovecot_admin(sysadm_t, sysadm_r) |
307 |
+ ') |
308 |
+ |
309 |
+ optional_policy(` |
310 |
+ drbd_admin(sysadm_t, sysadm_r) |
311 |
+ ') |
312 |
+ |
313 |
+ optional_policy(` |
314 |
+ dspam_admin(sysadm_t, sysadm_r) |
315 |
+ ') |
316 |
+ |
317 |
+ optional_policy(` |
318 |
+ entropyd_admin(sysadm_t, sysadm_r) |
319 |
+ ') |
320 |
+ |
321 |
+ optional_policy(` |
322 |
+ exim_admin(sysadm_t, sysadm_r) |
323 |
+ ') |
324 |
+ |
325 |
+ optional_policy(` |
326 |
+ fail2ban_admin(sysadm_t, sysadm_r) |
327 |
+ ') |
328 |
+ |
329 |
+ optional_policy(` |
330 |
+ fcoe_admin(sysadm_t, sysadm_r) |
331 |
+ ') |
332 |
+ |
333 |
+ optional_policy(` |
334 |
+ fetchmail_admin(sysadm_t, sysadm_r) |
335 |
+ ') |
336 |
+ |
337 |
+ optional_policy(` |
338 |
+ firewalld_admin(sysadm_t, sysadm_r) |
339 |
+ ') |
340 |
+ |
341 |
+ optional_policy(` |
342 |
+ ftp_admin(sysadm_t, sysadm_r) |
343 |
+ ') |
344 |
+ |
345 |
+ optional_policy(` |
346 |
+ gatekeeper_admin(sysadm_t, sysadm_r) |
347 |
+ ') |
348 |
+ |
349 |
+ optional_policy(` |
350 |
+ gdomap_admin(sysadm_t, sysadm_r) |
351 |
+ ') |
352 |
+ |
353 |
+ optional_policy(` |
354 |
+ glance_admin(sysadm_t, sysadm_r) |
355 |
+ ') |
356 |
+ |
357 |
+ optional_policy(` |
358 |
+ glusterfs_admin(sysadm_t, sysadm_r) |
359 |
+ ') |
360 |
+ |
361 |
+ optional_policy(` |
362 |
+ gpm_admin(sysadm_t, sysadm_r) |
363 |
+ ') |
364 |
+ |
365 |
+ optional_policy(` |
366 |
+ gpsd_admin(sysadm_t, sysadm_r) |
367 |
+ ') |
368 |
+ |
369 |
+ optional_policy(` |
370 |
+ hadoop_admin(sysadm_t, sysadm_r) |
371 |
+ ') |
372 |
+ |
373 |
+ optional_policy(` |
374 |
+ hddtemp_admin(sysadm_t, sysadm_r) |
375 |
+ ') |
376 |
+ |
377 |
+ optional_policy(` |
378 |
+ howl_admin(sysadm_t, sysadm_r) |
379 |
+ ') |
380 |
+ |
381 |
+ optional_policy(` |
382 |
+ hypervkvp_admin(sysadm_t, sysadm_r) |
383 |
+ ') |
384 |
+ |
385 |
+ optional_policy(` |
386 |
+ i18n_input_admin(sysadm_t, sysadm_r) |
387 |
+ ') |
388 |
+ |
389 |
+ optional_policy(` |
390 |
+ icecast_admin(sysadm_t, sysadm_r) |
391 |
+ ') |
392 |
+ |
393 |
+ optional_policy(` |
394 |
+ ifplugd_admin(sysadm_t, sysadm_r) |
395 |
+ ') |
396 |
+ |
397 |
+ optional_policy(` |
398 |
+ inn_admin(sysadm_t, sysadm_r) |
399 |
+ ') |
400 |
+ |
401 |
+ optional_policy(` |
402 |
+ iodine_admin(sysadm_t, sysadm_r) |
403 |
+ ') |
404 |
+ |
405 |
+ optional_policy(` |
406 |
+ ircd_admin(sysadm_t, sysadm_r) |
407 |
+ ') |
408 |
+ |
409 |
+ optional_policy(` |
410 |
+ irqbalance_admin(sysadm_t, sysadm_r) |
411 |
+ ') |
412 |
+ |
413 |
+ optional_policy(` |
414 |
+ iscsi_admin(sysadm_t, sysadm_r) |
415 |
+ ') |
416 |
+ |
417 |
+ optional_policy(` |
418 |
+ isnsd_admin(sysadm_t, sysadm_r) |
419 |
+ ') |
420 |
+ |
421 |
+ optional_policy(` |
422 |
+ jabber_admin(sysadm_t, sysadm_r) |
423 |
+ ') |
424 |
+ |
425 |
+ optional_policy(` |
426 |
+ kdump_admin(sysadm_t, sysadm_r) |
427 |
+ ') |
428 |
+ |
429 |
+ optional_policy(` |
430 |
+ kerberos_admin(sysadm_t, sysadm_r) |
431 |
+ ') |
432 |
+ |
433 |
+ optional_policy(` |
434 |
+ kerneloops_admin(sysadm_t, sysadm_r) |
435 |
+ ') |
436 |
+ |
437 |
+ optional_policy(` |
438 |
+ keystone_admin(sysadm_t, sysadm_r) |
439 |
+ ') |
440 |
+ |
441 |
+ optional_policy(` |
442 |
+ kismet_admin(sysadm_t, sysadm_r) |
443 |
+ ') |
444 |
+ |
445 |
+ optional_policy(` |
446 |
+ ksmtuned_admin(sysadm_t, sysadm_r) |
447 |
+ ') |
448 |
+ |
449 |
+ optional_policy(` |
450 |
+ kudzu_admin(sysadm_t, sysadm_r) |
451 |
+ ') |
452 |
+ |
453 |
+ optional_policy(` |
454 |
+ l2tp_admin(sysadm_t, sysadm_r) |
455 |
+ ') |
456 |
+ |
457 |
+ optional_policy(` |
458 |
+ ldap_admin(sysadm_t, sysadm_r) |
459 |
+ ') |
460 |
+ |
461 |
+ optional_policy(` |
462 |
+ lightsquid_admin(sysadm_t, sysadm_r) |
463 |
+ ') |
464 |
+ |
465 |
+ optional_policy(` |
466 |
+ likewise_admin(sysadm_t, sysadm_r) |
467 |
+ ') |
468 |
+ |
469 |
+ optional_policy(` |
470 |
+ lircd_admin(sysadm_t, sysadm_r) |
471 |
+ ') |
472 |
+ |
473 |
+ optional_policy(` |
474 |
+ lldpad_admin(sysadm_t, sysadm_r) |
475 |
+ ') |
476 |
+ |
477 |
+ optional_policy(` |
478 |
+ logsentry_admin(sysadm_t, sysadm_r) |
479 |
+ ') |
480 |
+ |
481 |
+ optional_policy(` |
482 |
+ lsmd_admin(sysadm_t, sysadm_r) |
483 |
+ ') |
484 |
+ |
485 |
+ optional_policy(` |
486 |
+ mandb_admin(sysadm_t, sysadm_r) |
487 |
+ ') |
488 |
+ |
489 |
+ optional_policy(` |
490 |
+ mcelog_admin(sysadm_t, sysadm_r) |
491 |
+ ') |
492 |
+ |
493 |
+ optional_policy(` |
494 |
+ memcached_admin(sysadm_t, sysadm_r) |
495 |
+ ') |
496 |
+ |
497 |
+ optional_policy(` |
498 |
+ minidlna_admin(sysadm_t, sysadm_r) |
499 |
+ ') |
500 |
+ |
501 |
+ optional_policy(` |
502 |
+ minissdpd_admin(sysadm_t, sysadm_r) |
503 |
+ ') |
504 |
+ |
505 |
+ optional_policy(` |
506 |
+ mongodb_admin(sysadm_t, sysadm_r) |
507 |
+ ') |
508 |
+ |
509 |
+ optional_policy(` |
510 |
+ monop_admin(sysadm_t, sysadm_r) |
511 |
+ ') |
512 |
+ |
513 |
+ optional_policy(` |
514 |
+ mpd_admin(sysadm_t, sysadm_r) |
515 |
+ ') |
516 |
+ |
517 |
+ optional_policy(` |
518 |
+ mrtg_admin(sysadm_t, sysadm_r) |
519 |
+ ') |
520 |
+ |
521 |
+ optional_policy(` |
522 |
+ mscan_admin(sysadm_t, sysadm_r) |
523 |
+ ') |
524 |
+ |
525 |
+ optional_policy(` |
526 |
+ munin_admin(sysadm_t, sysadm_r) |
527 |
+ ') |
528 |
+ |
529 |
+ optional_policy(` |
530 |
+ mysql_admin(sysadm_t, sysadm_r) |
531 |
+ ') |
532 |
+ |
533 |
+ optional_policy(` |
534 |
+ nagios_admin(sysadm_t, sysadm_r) |
535 |
+ ') |
536 |
+ |
537 |
+ optional_policy(` |
538 |
+ nessus_admin(sysadm_t, sysadm_r) |
539 |
+ ') |
540 |
+ |
541 |
+ optional_policy(` |
542 |
+ networkmanager_admin(sysadm_t, sysadm_r) |
543 |
+ ') |
544 |
+ |
545 |
+ optional_policy(` |
546 |
+ nginx_admin(sysadm_t, sysadm_r) |
547 |
') |
548 |
|
549 |
optional_policy(` |
550 |
- # Bug 529208 |
551 |
- dmesg_run(sysadm_t, sysadm_r) |
552 |
+ nis_admin(sysadm_t, sysadm_r) |
553 |
') |
554 |
|
555 |
optional_policy(` |
556 |
- dnsmasq_admin(sysadm_t, sysadm_r) |
557 |
+ nscd_admin(sysadm_t, sysadm_r) |
558 |
') |
559 |
|
560 |
optional_policy(` |
561 |
- dovecot_admin(sysadm_t, sysadm_r) |
562 |
+ nsd_admin(sysadm_t, sysadm_r) |
563 |
') |
564 |
|
565 |
optional_policy(` |
566 |
- dracut_run(sysadm_t, sysadm_r) |
567 |
+ nslcd_admin(sysadm_t, sysadm_r) |
568 |
') |
569 |
|
570 |
optional_policy(` |
571 |
- fail2ban_run_client(sysadm_t, sysadm_r) |
572 |
+ ntop_admin(sysadm_t, sysadm_r) |
573 |
') |
574 |
|
575 |
optional_policy(` |
576 |
- gorg_role(sysadm_r, sysadm_t) |
577 |
+ ntp_admin(sysadm_t, sysadm_r) |
578 |
') |
579 |
|
580 |
optional_policy(` |
581 |
- mutt_role(sysadm_r, sysadm_t) |
582 |
+ numad_admin(sysadm_t, sysadm_r) |
583 |
') |
584 |
|
585 |
optional_policy(` |
586 |
- networkmanager_run_wpa_cli(sysadm_t, sysadm_r) |
587 |
+ nut_admin(sysadm_t, sysadm_r) |
588 |
') |
589 |
|
590 |
optional_policy(` |
591 |
- nginx_admin(sysadm_t, sysadm_r) |
592 |
+ oident_admin(sysadm_t, sysadm_r) |
593 |
') |
594 |
|
595 |
optional_policy(` |
596 |
- ntp_admin(sysadm_t, sysadm_r) |
597 |
+ openct_admin(sysadm_t, sysadm_r) |
598 |
+ ') |
599 |
+ |
600 |
+ optional_policy(` |
601 |
+ openhpi_admin(sysadm_t, sysadm_r) |
602 |
') |
603 |
|
604 |
optional_policy(` |
605 |
@@ -538,24 +1060,160 @@ ifdef(`distro_gentoo',` |
606 |
') |
607 |
|
608 |
optional_policy(` |
609 |
+ openvswitch_admin(sysadm_t, sysadm_r) |
610 |
+ ') |
611 |
+ |
612 |
+ optional_policy(` |
613 |
+ pacemaker_admin(sysadm_t, sysadm_r) |
614 |
+ ') |
615 |
+ |
616 |
+ optional_policy(` |
617 |
+ pads_admin(sysadm_t, sysadm_r) |
618 |
+ ') |
619 |
+ |
620 |
+ optional_policy(` |
621 |
+ pcscd_admin(sysadm_t, sysadm_r) |
622 |
+ ') |
623 |
+ |
624 |
+ optional_policy(` |
625 |
+ pegasus_admin(sysadm_t, sysadm_r) |
626 |
+ ') |
627 |
+ |
628 |
+ optional_policy(` |
629 |
+ perdition_admin(sysadm_t, sysadm_r) |
630 |
+ ') |
631 |
+ |
632 |
+ optional_policy(` |
633 |
+ phpfpm_admin(sysadm_t, sysadm_r) |
634 |
+ ') |
635 |
+ |
636 |
+ optional_policy(` |
637 |
+ pingd_admin(sysadm_t, sysadm_r) |
638 |
+ ') |
639 |
+ |
640 |
+ optional_policy(` |
641 |
+ pkcs_admin_slotd(sysadm_t, sysadm_r) |
642 |
+ ') |
643 |
+ |
644 |
+ optional_policy(` |
645 |
+ plymouthd_admin(sysadm_t, sysadm_r) |
646 |
+ ') |
647 |
+ |
648 |
+ optional_policy(` |
649 |
+ polipo_admin(sysadm_t, sysadm_r) |
650 |
+ ') |
651 |
+ |
652 |
+ optional_policy(` |
653 |
+ portmap_admin(sysadm_t, sysadm_r) |
654 |
+ ') |
655 |
+ |
656 |
+ optional_policy(` |
657 |
+ portreserve_admin(sysadm_t, sysadm_r) |
658 |
+ ') |
659 |
+ |
660 |
+ optional_policy(` |
661 |
postfix_admin(sysadm_t, sysadm_r) |
662 |
') |
663 |
|
664 |
optional_policy(` |
665 |
+ postfixpolicyd_admin(sysadm_t, sysadm_r) |
666 |
+ ') |
667 |
+ |
668 |
+ optional_policy(` |
669 |
postgresql_admin(sysadm_t, sysadm_r) |
670 |
postgresql_exec(sysadm_t) |
671 |
') |
672 |
|
673 |
optional_policy(` |
674 |
+ postgrey_admin(sysadm_t, sysadm_r) |
675 |
+ ') |
676 |
+ |
677 |
+ optional_policy(` |
678 |
+ ppp_admin(sysadm_t, sysadm_r) |
679 |
+ ') |
680 |
+ |
681 |
+ optional_policy(` |
682 |
+ prelude_admin(sysadm_t, sysadm_r) |
683 |
+ ') |
684 |
+ |
685 |
+ optional_policy(` |
686 |
+ privoxy_admin(sysadm_t, sysadm_r) |
687 |
+ ') |
688 |
+ |
689 |
+ optional_policy(` |
690 |
+ psad_admin(sysadm_t, sysadm_r) |
691 |
+ ') |
692 |
+ |
693 |
+ optional_policy(` |
694 |
puppet_admin(sysadm_t, sysadm_r) |
695 |
') |
696 |
|
697 |
optional_policy(` |
698 |
- qemu_read_state(sysadm_t) |
699 |
- qemu_signal(sysadm_t) |
700 |
- qemu_kill(sysadm_t) |
701 |
- qemu_setsched(sysadm_t) |
702 |
- qemu_run(sysadm_t, sysadm_r) |
703 |
+ pxe_admin(sysadm_t, sysadm_r) |
704 |
+ ') |
705 |
+ |
706 |
+ optional_policy(` |
707 |
+ pyicqt_admin(sysadm_t, sysadm_r) |
708 |
+ ') |
709 |
+ |
710 |
+ optional_policy(` |
711 |
+ qpidd_admin(sysadm_t, sysadm_r) |
712 |
+ ') |
713 |
+ |
714 |
+ optional_policy(` |
715 |
+ quantum_admin(sysadm_t, sysadm_r) |
716 |
+ ') |
717 |
+ |
718 |
+ optional_policy(` |
719 |
+ quota_admin(sysadm_t, sysadm_r) |
720 |
+ ') |
721 |
+ |
722 |
+ optional_policy(` |
723 |
+ rabbitmq_admin(sysadm_t, sysadm_r) |
724 |
+ ') |
725 |
+ |
726 |
+ optional_policy(` |
727 |
+ radius_admin(sysadm_t, sysadm_r) |
728 |
+ ') |
729 |
+ |
730 |
+ optional_policy(` |
731 |
+ radvd_admin(sysadm_t, sysadm_r) |
732 |
+ ') |
733 |
+ |
734 |
+ optional_policy(` |
735 |
+ raid_admin_mdadm(sysadm_t, sysadm_r) |
736 |
+ ') |
737 |
+ |
738 |
+ optional_policy(` |
739 |
+ redis_admin(sysadm_t, sysadm_r) |
740 |
+ ') |
741 |
+ |
742 |
+ optional_policy(` |
743 |
+ resmgr_admin(sysadm_t, sysadm_r) |
744 |
+ ') |
745 |
+ |
746 |
+ optional_policy(` |
747 |
+ rgmanager_admin(sysadm_t, sysadm_r) |
748 |
+ ') |
749 |
+ |
750 |
+ optional_policy(` |
751 |
+ rhcs_admin(sysadm_t, sysadm_r) |
752 |
+ ') |
753 |
+ |
754 |
+ optional_policy(` |
755 |
+ rhsmcertd_admin(sysadm_t, sysadm_r) |
756 |
+ ') |
757 |
+ |
758 |
+ optional_policy(` |
759 |
+ ricci_admin(sysadm_t, sysadm_r) |
760 |
+ ') |
761 |
+ |
762 |
+ optional_policy(` |
763 |
+ rngd_admin(sysadm_t, sysadm_r) |
764 |
+ ') |
765 |
+ |
766 |
+ optional_policy(` |
767 |
+ roundup_admin(sysadm_t, sysadm_r) |
768 |
') |
769 |
|
770 |
optional_policy(` |
771 |
@@ -563,21 +1221,57 @@ ifdef(`distro_gentoo',` |
772 |
') |
773 |
|
774 |
optional_policy(` |
775 |
+ rpcbind_admin(sysadm_t, sysadm_r) |
776 |
rpcbind_stream_connect(sysadm_t) |
777 |
') |
778 |
|
779 |
optional_policy(` |
780 |
+ rpm_admin(sysadm_t, sysadm_r) |
781 |
+ ') |
782 |
+ |
783 |
+ optional_policy(` |
784 |
+ rsync_admin(sysadm_t, sysadm_r) |
785 |
+ ') |
786 |
+ |
787 |
+ optional_policy(` |
788 |
+ rtkit_admin(sysadm_t, sysadm_r) |
789 |
+ ') |
790 |
+ |
791 |
+ optional_policy(` |
792 |
rtorrent_admin(sysadm_t, sysadm_r) |
793 |
') |
794 |
|
795 |
optional_policy(` |
796 |
+ rwho_admin(sysadm_t, sysadm_r) |
797 |
+ ') |
798 |
+ |
799 |
+ optional_policy(` |
800 |
salt_admin_master(sysadm_t, sysadm_r) |
801 |
salt_admin_minion(sysadm_t, sysadm_r) |
802 |
') |
803 |
|
804 |
optional_policy(` |
805 |
- # Support audit2allow, sepolgen and so on |
806 |
- selinux_read_policy(sysadm_t) |
807 |
+ samba_admin(sysadm_t, sysadm_r) |
808 |
+ ') |
809 |
+ |
810 |
+ optional_policy(` |
811 |
+ sanlock_admin(sysadm_t, sysadm_r) |
812 |
+ ') |
813 |
+ |
814 |
+ optional_policy(` |
815 |
+ sasl_admin(sysadm_t, sysadm_r) |
816 |
+ ') |
817 |
+ |
818 |
+ optional_policy(` |
819 |
+ sblim_admin(sysadm_t, sysadm_r) |
820 |
+ ') |
821 |
+ |
822 |
+ optional_policy(` |
823 |
+ sensord_admin(sysadm_t, sysadm_r) |
824 |
+ ') |
825 |
+ |
826 |
+ optional_policy(` |
827 |
+ setroubleshoot_admin(sysadm_t, sysadm_r) |
828 |
') |
829 |
|
830 |
optional_policy(` |
831 |
@@ -585,6 +1279,139 @@ ifdef(`distro_gentoo',` |
832 |
') |
833 |
|
834 |
optional_policy(` |
835 |
- vde_role(sysadm_r, sysadm_t) |
836 |
+ slpd_admin(sysadm_t, sysadm_r) |
837 |
+ ') |
838 |
+ |
839 |
+ optional_policy(` |
840 |
+ smartmon_admin(sysadm_t, sysadm_r) |
841 |
+ ') |
842 |
+ |
843 |
+ optional_policy(` |
844 |
+ smokeping_admin(sysadm_t, sysadm_r) |
845 |
+ ') |
846 |
+ |
847 |
+ optional_policy(` |
848 |
+ smstools_admin(sysadm_t, sysadm_r) |
849 |
+ ') |
850 |
+ |
851 |
+ optional_policy(` |
852 |
+ snmp_admin(sysadm_t, sysadm_r) |
853 |
+ ') |
854 |
+ |
855 |
+ optional_policy(` |
856 |
+ snort_admin(sysadm_t, sysadm_r) |
857 |
+ ') |
858 |
+ |
859 |
+ optional_policy(` |
860 |
+ soundserver_admin(sysadm_t, sysadm_r) |
861 |
+ ') |
862 |
+ |
863 |
+ optional_policy(` |
864 |
+ spamassassin_admin(sysadm_t, sysadm_r) |
865 |
+ ') |
866 |
+ |
867 |
+ optional_policy(` |
868 |
+ squid_admin(sysadm_t, sysadm_r) |
869 |
+ ') |
870 |
+ |
871 |
+ optional_policy(` |
872 |
+ sssd_admin(sysadm_t, sysadm_r) |
873 |
+ ') |
874 |
+ |
875 |
+ optional_policy(` |
876 |
+ stapserver_admin(sysadm_t, sysadm_r) |
877 |
+ ') |
878 |
+ |
879 |
+ optional_policy(` |
880 |
+ svnserve_admin(sysadm_t, sysadm_r) |
881 |
+ ') |
882 |
+ |
883 |
+ optional_policy(` |
884 |
+ sysstat_admin(sysadm_t, sysadm_r) |
885 |
+ ') |
886 |
+ |
887 |
+ optional_policy(` |
888 |
+ tcsd_admin(sysadm_t, sysadm_r) |
889 |
+ ') |
890 |
+ |
891 |
+ optional_policy(` |
892 |
+ tftp_admin(sysadm_t, sysadm_r) |
893 |
+ ') |
894 |
+ |
895 |
+ optional_policy(` |
896 |
+ tgtd_admin(sysadm_t, sysadm_r) |
897 |
+ ') |
898 |
+ |
899 |
+ optional_policy(` |
900 |
+ tor_admin(sysadm_t, sysadm_r) |
901 |
+ ') |
902 |
+ |
903 |
+ optional_policy(` |
904 |
+ transproxy_admin(sysadm_t, sysadm_r) |
905 |
+ ') |
906 |
+ |
907 |
+ optional_policy(` |
908 |
+ tuned_admin(sysadm_t, sysadm_r) |
909 |
+ ') |
910 |
+ |
911 |
+ optional_policy(` |
912 |
+ ulogd_admin(sysadm_t, sysadm_r) |
913 |
+ ') |
914 |
+ |
915 |
+ optional_policy(` |
916 |
+ uptime_admin(sysadm_t, sysadm_r) |
917 |
+ ') |
918 |
+ |
919 |
+ optional_policy(` |
920 |
+ uucp_admin(sysadm_t, sysadm_r) |
921 |
+ ') |
922 |
+ |
923 |
+ optional_policy(` |
924 |
+ uuidd_admin(sysadm_t, sysadm_r) |
925 |
+ ') |
926 |
+ |
927 |
+ optional_policy(` |
928 |
+ varnishd_admin(sysadm_t, sysadm_r) |
929 |
+ varnishd_admin_varnishlog(sysadm_t, sysadm_r) |
930 |
+ ') |
931 |
+ |
932 |
+ optional_policy(` |
933 |
+ vdagent_admin(sysadm_t, sysadm_r) |
934 |
+ ') |
935 |
+ |
936 |
+ optional_policy(` |
937 |
+ vhostmd_admin(sysadm_t, sysadm_r) |
938 |
+ ') |
939 |
+ |
940 |
+ optional_policy(` |
941 |
+ virt_admin(sysadm_t, sysadm_r) |
942 |
+ ') |
943 |
+ |
944 |
+ optional_policy(` |
945 |
+ vnstatd_admin(sysadm_t, sysadm_r) |
946 |
+ ') |
947 |
+ |
948 |
+ optional_policy(` |
949 |
+ watchdog_admin(sysadm_t, sysadm_r) |
950 |
+ ') |
951 |
+ |
952 |
+ optional_policy(` |
953 |
+ wdmd_admin(sysadm_t, sysadm_r) |
954 |
+ ') |
955 |
+ |
956 |
+ optional_policy(` |
957 |
+ xfs_admin(sysadm_t, sysadm_r) |
958 |
+ ') |
959 |
+ |
960 |
+ optional_policy(` |
961 |
+ zabbix_admin(sysadm_t, sysadm_r) |
962 |
+ ') |
963 |
+ |
964 |
+ optional_policy(` |
965 |
+ zarafa_admin(sysadm_t, sysadm_r) |
966 |
+ ') |
967 |
+ |
968 |
+ optional_policy(` |
969 |
+ zebra_admin(sysadm_t, sysadm_r) |
970 |
') |
971 |
') |