rpms / selinux-policy

Clone
Source Code
GIT

Blame policy/modules/kernel/files.fc

config-existence-check config-existence-check2 f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 f7 f8 f9 main private-master-atomic-policy private-master-migrate-to-var-lib-selinux rawhide
  1.   3eaa99394500c2267bfd85722ebde18ae44636bd
  2.   policy
  3.   modules
  4.   kernel
  5.   files.fc
Blob History Raw
Chris PeBenito f8ec0ad
Chris PeBenito f8ec0ad 
#
Chris PeBenito f8ec0ad 
# /
Chris PeBenito f8ec0ad 
#
Chris PeBenito e02c61c 
/.*				gen_context(system_u:object_r:default_t,s0)
Chris PeBenito e02c61c 
/			-d	gen_context(system_u:object_r:root_t,s0)
Chris PeBenito f8ec0ad 
/\.journal			<<none>>
Chris PeBenito a65fd90 
/afs			-d	gen_context(system_u:object_r:mnt_t,s0)
Chris PeBenito 1c1ac67 
/initrd\.img.*		-l	gen_context(system_u:object_r:boot_t,s0)
Chris PeBenito 1c1ac67 
/vmlinuz.*		-l	gen_context(system_u:object_r:boot_t,s0)
Chris PeBenito 9c6feb6
Chris PeBenito 0907bda 
ifdef(`distro_redhat',`
Chris PeBenito e02c61c 
/\.autofsck		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/\.autorelabel		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 4655103 
/\.suspended		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/fastboot 		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/forcefsck 		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/fsckoptions 		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/halt			--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/poweroff		--	gen_context(system_u:object_r:etc_runtime_t,s0)
3eaa993 
/[^/]+			--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 0907bda 
')
Chris PeBenito f8ec0ad
Chris PeBenito 9c6feb6 
ifdef(`distro_suse',`
Chris PeBenito 693d4ae 
/success		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 9c6feb6 
')
Chris PeBenito 9c6feb6
Chris PeBenito f8ec0ad 
#
Chris PeBenito f8ec0ad 
# /boot
Chris PeBenito f8ec0ad 
#
Chris PeBenito abc73a7 
/boot			-d	gen_context(system_u:object_r:boot_t,s0)
Chris PeBenito abc73a7 
/boot/.*			gen_context(system_u:object_r:boot_t,s0)
Chris PeBenito f8ec0ad 
/boot/\.journal			<<none>>
Chris PeBenito 14c0edc 
/boot/efi(/.*)?/System\.map(-.*)? -- gen_context(system_u:object_r:system_map_t,s0)
Chris PeBenito e070dd2 
/boot/lost\+found	-d	gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
Chris PeBenito cff75c9 
/boot/lost\+found/.*		<<none>>
Chris PeBenito 1c1ac67 
/boot/System\.map(-.*)?	--	gen_context(system_u:object_r:system_map_t,s0)
Chris PeBenito f8ec0ad
Chris PeBenito f8ec0ad 
#
Chris PeBenito 9c6feb6 
# /emul
Chris PeBenito 9c6feb6 
#
Chris PeBenito abc73a7 
/emul			-d	gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito abc73a7 
/emul/.*			gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito 9c6feb6
Chris PeBenito 9c6feb6 
#
Chris PeBenito f8ec0ad 
# /etc
Chris PeBenito f8ec0ad 
#
Chris PeBenito abc73a7 
/etc			-d	gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito abc73a7 
/etc/.*				gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito e02c61c 
/etc/\.fstab\.hal\..+	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito a3cf80d 
/etc/blkid(/.*)?		gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 48e0aa8 
/etc/cmtab		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/etc/fstab\.REVOKE	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/etc/HOSTNAME		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 693d4ae 
/etc/ioctl\.save	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/etc/issue		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/etc/issue\.net		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 48e0aa8 
/etc/killpower		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/etc/localtime		-l	gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito e02c61c 
/etc/mtab		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 5bf9deb 
/etc/mtab\.fuselock	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/etc/motd		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/etc/nohotplug		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/etc/nologin.*		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 6c53a10 
/etc/reader\.conf	-- 	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 693d4ae 
/etc/smartd\.conf.*	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c
3eaa993 
/etc/sysctl\.conf(\.old)?               --      gen_context(system_u:object_r:system_conf_t,s0)
3eaa993 
/etc/sysconfig/ebtables.*				--      gen_context(system_u:object_r:system_conf_t,s0)
3eaa993 
/etc/sysconfig/ip6?tables.*             --      gen_context(system_u:object_r:system_conf_t,s0)
3eaa993 
/etc/sysconfig/ipvsadm.*                --      gen_context(system_u:object_r:system_conf_t,s0)
3eaa993 
/etc/sysconfig/system-config-firewall.* --      gen_context(system_u:object_r:system_conf_t,s0)
3eaa993
3eaa993
Chris PeBenito ef5ca0f 
/etc/cups/client\.conf	--	gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito ef5ca0f
Chris PeBenito e02c61c 
/etc/ipsec\.d/examples(/.*)?	gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito 11633bb
Chris PeBenito e02c61c 
/etc/network/ifstate	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito eeb2558
Chris PeBenito e02c61c 
/etc/ptal/ptal-printd-like -- 	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito f8ec0ad
Chris PeBenito e02c61c 
/etc/sysconfig/hwconf	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/etc/sysconfig/iptables\.save -- gen_context(system_u:object_r:etc_runtime_t,s0)
3eaa993
3eaa993 
/etc/xorg\.conf\.d/00-system-setup-keyboard\.conf --	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito f8ec0ad
Chris PeBenito f8ec0ad 
ifdef(`distro_gentoo', `
Chris PeBenito e02c61c 
/etc/profile\.env	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/etc/csh\.env		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61c 
/etc/env\.d/.*		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito f8ec0ad 
')
Chris PeBenito f8ec0ad
Chris PeBenito 9c6feb6 
ifdef(`distro_redhat',`
Chris PeBenito 9c6feb6 
/etc/rhgb(/.*)?		-d	gen_context(system_u:object_r:mnt_t,s0)
Chris PeBenito 9c6feb6 
')
Chris PeBenito 9c6feb6
Chris PeBenito 9c6feb6 
ifdef(`distro_suse',`
Chris PeBenito 9c6feb6 
/etc/defkeymap\.map	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 9c6feb6 
/etc/init\.d/\.depend.*	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 9c6feb6 
')
Chris PeBenito 9c6feb6
Chris PeBenito 9c6feb6 
#
Chris PeBenito 9c6feb6 
# HOME_ROOT
Chris PeBenito 9c6feb6 
# expanded by genhomedircon
Chris PeBenito 9c6feb6 
#
3eaa993 
HOME_ROOT			gen_context(system_u:object_r:home_root_t,s0-mls_systemhigh)
Chris PeBenito 5d31560 
HOME_ROOT/\.journal		<<none>>
Chris PeBenito e070dd2 
HOME_ROOT/lost\+found	-d	gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
Chris PeBenito bf080a4 
HOME_ROOT/lost\+found/.*		<<none>>
Chris PeBenito 5d31560
Chris PeBenito f8ec0ad 
#
Chris PeBenito f8ec0ad 
# /initrd
Chris PeBenito f8ec0ad 
#
Chris PeBenito f8ec0ad 
# initrd mount point, only used during boot
Chris PeBenito e02c61c 
/initrd			-d	gen_context(system_u:object_r:root_t,s0)
Chris PeBenito f8ec0ad
Chris PeBenito f8ec0ad 
#
Chris PeBenito 1c1ac67 
# /lib(64)?
Chris PeBenito 1c1ac67 
#
Chris PeBenito abc73a7 
/lib/modules(/.*)?		gen_context(system_u:object_r:modules_object_t,s0)
Chris PeBenito abc73a7 
/lib64/modules(/.*)?		gen_context(system_u:object_r:modules_object_t,s0)
Chris PeBenito 1c1ac67
Chris PeBenito 1c1ac67 
#
Chris PeBenito f8ec0ad 
# /lost+found
Chris PeBenito f8ec0ad 
#
Chris PeBenito e070dd2 
/lost\+found		-d	gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
Chris PeBenito cff75c9 
/lost\+found/.*			<<none>>
Chris PeBenito f8ec0ad
Chris PeBenito f8ec0ad 
#
Chris PeBenito f8ec0ad 
# /media
Chris PeBenito f8ec0ad 
#
Chris PeBenito f8ec0ad 
# Mount points; do not relabel subdirectories, since
Chris PeBenito f8ec0ad 
# we don't want to change any removable media by default.
Chris PeBenito 13d7cec 
/media(/[^/]*)		-l	gen_context(system_u:object_r:mnt_t,s0)
Chris PeBenito e02c61c 
/media(/[^/]*)?		-d	gen_context(system_u:object_r:mnt_t,s0)
Chris PeBenito f8ec0ad 
/media/[^/]*/.*			<<none>>
Chris PeBenito d9845ae 
/media/\.hal-.*		--	gen_context(system_u:object_r:mnt_t,s0)
Chris PeBenito f8ec0ad
Chris PeBenito f8ec0ad 
#
Chris PeBenito a524921 
# /misc
Chris PeBenito a524921 
#
Chris PeBenito a524921 
/misc			-d	gen_context(system_u:object_r:mnt_t,s0)
Chris PeBenito a524921
Chris PeBenito a524921 
#
Chris PeBenito f8ec0ad 
# /mnt
Chris PeBenito f8ec0ad 
#
Chris PeBenito 13d7cec 
/mnt(/[^/]*)		-l	gen_context(system_u:object_r:mnt_t,s0)
Chris PeBenito e02c61c 
/mnt(/[^/]*)?		-d	gen_context(system_u:object_r:mnt_t,s0)
Chris PeBenito f8ec0ad 
/mnt/[^/]*/.*			<<none>>
Chris PeBenito f8ec0ad
Chris PeBenito f8ec0ad 
#
Chris PeBenito 51a89cc 
# /net
Chris PeBenito 51a89cc 
#
Chris PeBenito 51a89cc 
/net			-d	gen_context(system_u:object_r:mnt_t,s0)
Chris PeBenito 51a89cc
Chris PeBenito 51a89cc 
#
Chris PeBenito f8ec0ad 
# /opt
Chris PeBenito f8ec0ad 
#
Chris PeBenito abc73a7 
/opt			-d	gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito abc73a7 
/opt/.*				gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito f8ec0ad
Chris PeBenito abc73a7 
/opt/(.*/)?var/lib(64)?(/.*)?	gen_context(system_u:object_r:var_lib_t,s0)
Chris PeBenito f8ec0ad
Chris PeBenito f8ec0ad 
#
Chris PeBenito f8ec0ad 
# /proc
Chris PeBenito f8ec0ad 
#
Chris PeBenito abc73a7 
/proc			-d	<<none>>
Chris PeBenito abc73a7 
/proc/.*			<<none>>
Chris PeBenito f8ec0ad
3eaa993 
ifdef(`distro_redhat',`
3eaa993 
/rhev			-d	gen_context(system_u:object_r:mnt_t,s0)
3eaa993 
/rhev(/[^/]*)?		-d	gen_context(system_u:object_r:mnt_t,s0)
3eaa993 
/rhev/[^/]*/.*			<<none>>
3eaa993 
')
3eaa993
Chris PeBenito f8ec0ad 
#
Chris PeBenito f8ec0ad 
# /selinux
Chris PeBenito f8ec0ad 
#
Chris PeBenito abc73a7 
/selinux		-d	<<none>>
Chris PeBenito abc73a7 
/selinux/.*			<<none>>
Chris PeBenito f8ec0ad
Chris PeBenito f8ec0ad 
#
Chris PeBenito cff75c9 
# /srv
Chris PeBenito cff75c9 
#
Chris PeBenito abc73a7 
/srv			-d	gen_context(system_u:object_r:var_t,s0)
Chris PeBenito abc73a7 
/srv/.*				gen_context(system_u:object_r:var_t,s0)
Chris PeBenito cff75c9
Chris PeBenito cff75c9 
#
Chris PeBenito f8ec0ad 
# /tmp
Chris PeBenito f8ec0ad 
#
Chris PeBenito e070dd2 
/tmp			-d	gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
Chris PeBenito f8ec0ad 
/tmp/.*				<<none>>
Chris PeBenito f8ec0ad 
/tmp/\.journal			<<none>>
Chris PeBenito f8ec0ad
Chris PeBenito e070dd2 
/tmp/lost\+found	-d		gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
Chris PeBenito cff75c9 
/tmp/lost\+found/.*		<<none>>
Chris PeBenito f8ec0ad
Chris PeBenito f8ec0ad 
#
Chris PeBenito f8ec0ad 
# /usr
Chris PeBenito f8ec0ad 
#
Chris PeBenito abc73a7 
/usr			-d	gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito abc73a7 
/usr/.*				gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito f8ec0ad 
/usr/\.journal			<<none>>
Chris PeBenito f8ec0ad
Chris PeBenito b0d2243 
/usr/doc(/.*)?/lib(/.*)?		gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito b0d2243
Chris PeBenito e02c61c 
/usr/etc(/.*)?			gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito f8ec0ad
Chris PeBenito e02c61c 
/usr/inclu.e(/.*)?		gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito f8ec0ad
Chris PeBenito f8ec0ad 
/usr/local/\.journal		<<none>>
Chris PeBenito dd31631
Chris PeBenito e02c61c 
/usr/local/etc(/.*)?		gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito dd31631
Chris PeBenito e070dd2 
/usr/local/lost\+found	-d	gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
Chris PeBenito cff75c9 
/usr/local/lost\+found/.*	<<none>>
Chris PeBenito f8ec0ad
Chris PeBenito e070dd2 
/usr/lost\+found		-d	gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
Chris PeBenito cff75c9 
/usr/lost\+found/.*		<<none>>
Chris PeBenito cff75c9
Chris PeBenito 495df41 
/usr/share/doc(/.*)?/README.*	gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito f8ec0ad
Chris PeBenito e070dd2 
/usr/tmp			-d	gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
Chris PeBenito f8ec0ad 
/usr/tmp/.*			<<none>>
Chris PeBenito f8ec0ad
Chris PeBenito 48e0aa8 
ifndef(`distro_redhat',`
Chris PeBenito 48e0aa8 
/usr/local/src(/.*)?		gen_context(system_u:object_r:src_t,s0)
Chris PeBenito 48e0aa8 
/usr/src(/.*)?			gen_context(system_u:object_r:src_t,s0)
Chris PeBenito 48e0aa8 
/usr/src/kernels/.+/lib(/.*)?	gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito 48e0aa8 
')
Chris PeBenito 48e0aa8
Chris PeBenito f8ec0ad 
#
Chris PeBenito f8ec0ad 
# /var
Chris PeBenito f8ec0ad 
#
Chris PeBenito abc73a7 
/var			-d	gen_context(system_u:object_r:var_t,s0)
Chris PeBenito abc73a7 
/var/.*				gen_context(system_u:object_r:var_t,s0)
Chris PeBenito f8ec0ad 
/var/\.journal			<<none>>
Chris PeBenito f8ec0ad
Chris PeBenito e02c61c 
/var/db/.*\.db		--	gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito f8ec0ad
Chris PeBenito e02c61c 
/var/ftp/etc(/.*)?		gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito f8ec0ad
3eaa993 
/var/named/chroot/etc(/.*)? 	gen_context(system_u:object_r:etc_t,s0)
3eaa993
Chris PeBenito e02c61c 
/var/lib(/.*)?			gen_context(system_u:object_r:var_lib_t,s0)
Chris PeBenito f8ec0ad
Chris PeBenito dd31631 
/var/lib/nfs/rpc_pipefs(/.*)?	<<none>>
Chris PeBenito f8ec0ad
Chris PeBenito e02c61c 
/var/lock(/.*)?			gen_context(system_u:object_r:var_lock_t,s0)
Chris PeBenito f8ec0ad
Chris PeBenito e070dd2 
/var/lost\+found		-d	gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
Chris PeBenito cff75c9 
/var/lost\+found/.*		<<none>>
Chris PeBenito dd31631
Chris PeBenito e070dd2 
/var/run			-d	gen_context(system_u:object_r:var_run_t,s0-mls_systemhigh)
Chris PeBenito bf080a4 
/var/run/.*			gen_context(system_u:object_r:var_run_t,s0)
Chris PeBenito f8ec0ad 
/var/run/.*\.*pid		<<none>>
Chris PeBenito f8ec0ad
Chris PeBenito 46112fc 
/var/spool(/.*)?			gen_context(system_u:object_r:var_spool_t,s0)
Chris PeBenito 46112fc 
/var/spool/postfix/etc(/.*)?	gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito f8ec0ad
3eaa993 
/var/tmp			gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
Chris PeBenito f8ec0ad 
/var/tmp/.*			<<none>>
Chris PeBenito e070dd2 
/var/tmp/lost\+found	-d	gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
Chris PeBenito cff75c9 
/var/tmp/lost\+found/.*		<<none>>
Chris PeBenito e02c61c 
/var/tmp/vi\.recover	-d	gen_context(system_u:object_r:tmp_t,s0)
Chris PeBenito 80d5e02
Chris PeBenito 80d5e02 
ifdef(`distro_debian',`
Chris PeBenito 80d5e02 
/var/run/motd		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 80d5e02 
')
3eaa993 
/nsr(/.*)?						gen_context(system_u:object_r:var_t,s0)
3eaa993 
/nsr/logs(/.*)?						gen_context(system_u:object_r:var_log_t,s0)
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.