Spade

Mini Shell

Directory:~$ /proc/self/root/usr/lib64/python2.7/site-packages/sepolicy/templates/
Upload File
[Home] [System Details] [Kill Me]
Current File:~$ //proc/self/root/usr/lib64/python2.7/site-packages/sepolicy/templates/user.pyc

�
m��Vc@spdZdZdZdZdZdZdZdZdZdZ	d	Z
d
ZdZdZ
d
ZdZdZdZdS(s�policy_module(TEMPLATETYPE, 1.0.0)

########################################
#
# Declarations
#
userdom_unpriv_user_template(TEMPLATETYPE)
s�policy_module(TEMPLATETYPE, 1.0.0)

########################################
#
# Declarations
#
userdom_admin_user_template(TEMPLATETYPE)
s�policy_module(TEMPLATETYPE, 1.0.0)

########################################
#
# Declarations
#

userdom_restricted_user_template(TEMPLATETYPE)
s�policy_module(TEMPLATETYPE, 1.0.0)

########################################
#
# Declarations
#

userdom_restricted_xwindows_user_template(TEMPLATETYPE)
s$policy_module(TEMPLATETYPE, 1.0.0)

s�policy_module(TEMPLATETYPE, 1.0.0)

## <desc>
## <p>
## Allow TEMPLATETYPE to read files in the user home directory
## </p>
## </desc>
gen_tunable(TEMPLATETYPE_read_user_files, false)

## <desc>
## <p>
## Allow TEMPLATETYPE to manage files in the user home directory
## </p>
## </desc>
gen_tunable(TEMPLATETYPE_manage_user_files, false)

########################################
#
# Declarations
#

userdom_base_user_template(TEMPLATETYPE)
tsO
########################################
#
# TEMPLATETYPE customized policy
#
s
sO
optional_policy(`
        APPLICATION_role(TEMPLATETYPE_r, TEMPLATETYPE_t)
')
s~
optional_policy(`
        gen_require(`
                role USER_r;
        ')

        TEMPLATETYPE_role_change(USER_r)
')
s�
allow TEMPLATETYPE_t self:capability { dac_override dac_read_search kill
sys_ptrace sys_nice };
files_dontaudit_search_all_dirs(TEMPLATETYPE_t)

selinux_get_enforce_mode(TEMPLATETYPE_t)
seutil_domtrans_setfiles(TEMPLATETYPE_t)
seutil_search_default_contexts(TEMPLATETYPE_t)

logging_send_syslog_msg(TEMPLATETYPE_t)

kernel_read_system_state(TEMPLATETYPE_t)

domain_dontaudit_search_all_domains_state(TEMPLATETYPE_t)
domain_dontaudit_ptrace_all_domains(TEMPLATETYPE_t)

userdom_dontaudit_search_admin_dir(TEMPLATETYPE_t)
userdom_dontaudit_search_user_home_dirs(TEMPLATETYPE_t)

tunable_policy(`TEMPLATETYPE_read_user_files',`
        userdom_read_user_home_content_files(TEMPLATETYPE_t)
        userdom_read_user_tmp_files(TEMPLATETYPE_t)
')

tunable_policy(`TEMPLATETYPE_manage_user_files',`
	userdom_manage_user_home_content_dirs(TEMPLATETYPE_t)
	userdom_manage_user_home_content_files(TEMPLATETYPE_t)
	userdom_manage_user_home_content_symlinks(TEMPLATETYPE_t)
        userdom_manage_user_tmp_files(TEMPLATETYPE_t)
')
sE
gen_require(`
        role USER_r;
')

allow USER_r TEMPLATETYPE_r;
sP
optional_policy(`
        APPLICATION_admin(TEMPLATETYPE_t, TEMPLATETYPE_r)
')
sz
optional_policy(`
        gen_require(`
                role ROLE_r;
        ')

        allow TEMPLATETYPE_r ROLE_r;
')
s_
optional_policy(`
        sudo_role_template(TEMPLATETYPE, TEMPLATETYPE_r, TEMPLATETYPE_t)
')
s4
seutil_run_newrole(TEMPLATETYPE_t, TEMPLATETYPE_r)
N(tte_login_user_typestte_admin_user_typestte_min_login_user_typestte_x_login_user_typestte_existing_user_typestte_root_user_typestte_login_user_rulestte_existing_user_rulestte_x_login_user_rulestte_root_user_rulestte_transition_rulestte_user_trans_rulestte_admin_rulestte_admin_trans_rulestte_admin_domain_rulestte_roles_rulest
te_sudo_rulestte_newrole_rules(((s=/usr/lib64/python2.7/site-packages/sepolicy/templates/user.pyt<module>
s"