|
Chris PeBenito |
6bb0da3 |
## <summary>Myapp example policy</summary>
|
|
Chris PeBenito |
6bb0da3 |
## <desc>
|
|
Chris PeBenito |
6bb0da3 |
##
|
|
Chris PeBenito |
85bec1a |
## More descriptive text about myapp. The desc
|
|
Chris PeBenito |
85bec1a |
## tag can also use p, ul, and ol
|
|
Chris PeBenito |
6bb0da3 |
## html tags for formatting.
|
|
Chris PeBenito |
6bb0da3 |
##
|
|
Chris PeBenito |
6bb0da3 |
##
|
|
Chris PeBenito |
6bb0da3 |
## This policy supports the following myapp features:
|
|
Chris PeBenito |
6bb0da3 |
##
|
|
Chris PeBenito |
6bb0da3 |
## Feature A
|
|
Chris PeBenito |
6bb0da3 |
## Feature B
|
|
Chris PeBenito |
6bb0da3 |
## Feature C
|
|
Chris PeBenito |
6bb0da3 |
##
|
|
Chris PeBenito |
6bb0da3 |
##
|
|
Chris PeBenito |
6bb0da3 |
## </desc>
|
|
Chris PeBenito |
6bb0da3 |
#
|
|
Chris PeBenito |
6bb0da3 |
|
|
Chris PeBenito |
6bb0da3 |
########################################
|
|
Chris PeBenito |
6bb0da3 |
## <summary>
|
|
Chris PeBenito |
6bb0da3 |
## Execute a domain transition to run myapp.
|
|
Chris PeBenito |
6bb0da3 |
## </summary>
|
|
Chris PeBenito |
6bb0da3 |
## <param name="domain">
|
|
Chris PeBenito |
85bec1a |
## <summary>
|
|
Chris PeBenito |
6bb0da3 |
## Domain allowed to transition.
|
|
Chris PeBenito |
85bec1a |
## </summary>
|
|
Chris PeBenito |
6bb0da3 |
## </param>
|
|
Chris PeBenito |
6bb0da3 |
#
|
|
Chris PeBenito |
6bb0da3 |
interface(`myapp_domtrans',`
|
|
Chris PeBenito |
884e3be |
gen_require(`
|
|
Chris PeBenito |
6bb0da3 |
type myapp_t, myapp_exec_t;
|
|
Chris PeBenito |
6bb0da3 |
')
|
|
Chris PeBenito |
6bb0da3 |
|
|
Chris PeBenito |
85bec1a |
domtrans_pattern($1,myapp_exec_t,myapp_t)
|
|
Chris PeBenito |
6bb0da3 |
')
|
|
Chris PeBenito |
6bb0da3 |
|
|
Chris PeBenito |
6bb0da3 |
########################################
|
|
Chris PeBenito |
6bb0da3 |
## <summary>
|
|
Chris PeBenito |
6bb0da3 |
## Read myapp log files.
|
|
Chris PeBenito |
6bb0da3 |
## </summary>
|
|
Chris PeBenito |
6bb0da3 |
## <param name="domain">
|
|
Chris PeBenito |
85bec1a |
## <summary>
|
|
Chris PeBenito |
6bb0da3 |
## Domain allowed to read the log files.
|
|
Chris PeBenito |
85bec1a |
## </summary>
|
|
Chris PeBenito |
6bb0da3 |
## </param>
|
|
Chris PeBenito |
6bb0da3 |
#
|
|
Chris PeBenito |
6bb0da3 |
interface(`myapp_read_log',`
|
|
Chris PeBenito |
884e3be |
gen_require(`
|
|
Chris PeBenito |
6bb0da3 |
type myapp_log_t;
|
|
Chris PeBenito |
6bb0da3 |
')
|
|
Chris PeBenito |
6bb0da3 |
|
|
Chris PeBenito |
6bb0da3 |
logging_search_logs($1)
|
|
Chris PeBenito |
85bec1a |
allow $1 myapp_log_t:file read_file_perms;
|
|
Chris PeBenito |
6bb0da3 |
')
|