diff options
-rw-r--r-- | .gitignore | 2 | ||||
-rw-r--r-- | generate.sh | 4 | ||||
-rw-r--r-- | mydictdaddon.fc | 1 | ||||
-rw-r--r-- | mydictdaddon.if | 1 | ||||
-rw-r--r-- | mydictdaddon.te | 13 |
5 files changed, 21 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b2545cd --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +*.pp +/tmp/ diff --git a/generate.sh b/generate.sh new file mode 100644 index 0000000..ba2acbf --- /dev/null +++ b/generate.sh @@ -0,0 +1,4 @@ +# Have foo.te and foo.fc +make -f /usr/share/selinux/devel/Makefile foo.pp +# sudo semodule -i mydictdaddon.pp +# then use ~/.dictd for your dictd home stuff diff --git a/mydictdaddon.fc b/mydictdaddon.fc new file mode 100644 index 0000000..3aacd1e --- /dev/null +++ b/mydictdaddon.fc @@ -0,0 +1 @@ +HOME_DIR/\.dictd(/.*)? gen_context(system_u:object_r:dictd_home_t,s0) diff --git a/mydictdaddon.if b/mydictdaddon.if new file mode 100644 index 0000000..3eb6a30 --- /dev/null +++ b/mydictdaddon.if @@ -0,0 +1 @@ +## <summary></summary> diff --git a/mydictdaddon.te b/mydictdaddon.te new file mode 100644 index 0000000..76c2a14 --- /dev/null +++ b/mydictdaddon.te @@ -0,0 +1,13 @@ +policy_module(mydictdaddon,1.0.2) +gen_require(` type dictd_t; ') +gen_require(` attribute userdomain; ') +userdom_search_user_home_dirs(dictd_t) +type dictd_home_t; +userdom_user_home_content(dictd_home_t) +allow dictd_t dictd_home_t:dir list_dir_perms; +allow dictd_t dictd_home_t:file read_file_perms; +allow dictd_t dictd_home_t:lnk_file read_lnk_file_perms;; +allow userdomain dictd_home_t:dir manage_dir_perms; +allow userdomain dictd_home_t:file manage_file_perms; +allow userdomain dictd_home_t:lnk_file manage_lnk_file_perms; +userdom_user_home_dir_filetrans(userdomain, dictd_home_t, dir, ".dictd") |