X7ROOT File Manager
Current Path:
/usr/lib64/python2.7/site-packages/sepolicy/templates
usr
/
lib64
/
python2.7
/
site-packages
/
sepolicy
/
templates
/
📁
..
📄
__init__.py
(724 B)
📄
__init__.pyc
(152 B)
📄
__init__.pyo
(152 B)
📄
boolean.py
(1.15 KB)
📄
boolean.pyc
(331 B)
📄
boolean.pyo
(331 B)
📄
etc_rw.py
(3.86 KB)
📄
etc_rw.pyc
(2.87 KB)
📄
etc_rw.pyo
(2.87 KB)
📄
executable.py
(9.66 KB)
📄
executable.pyc
(8.99 KB)
📄
executable.pyo
(8.99 KB)
📄
network.py
(13.28 KB)
📄
network.pyc
(12.58 KB)
📄
network.pyo
(12.58 KB)
📄
rw.py
(3.84 KB)
📄
rw.pyc
(2.93 KB)
📄
rw.pyo
(2.93 KB)
📄
script.py
(4.16 KB)
📄
script.pyc
(3.39 KB)
📄
script.pyo
(3.39 KB)
📄
semodule.py
(1.28 KB)
📄
semodule.pyc
(479 B)
📄
semodule.pyo
(479 B)
📄
spec.py
(2.09 KB)
📄
spec.pyc
(2.26 KB)
📄
spec.pyo
(2.26 KB)
📄
test_module.py
(4.35 KB)
📄
test_module.pyc
(2.76 KB)
📄
test_module.pyo
(2.76 KB)
📄
tmp.py
(3.38 KB)
📄
tmp.pyc
(2.58 KB)
📄
tmp.pyo
(2.58 KB)
📄
unit_file.py
(2.21 KB)
📄
unit_file.pyc
(1.2 KB)
📄
unit_file.pyo
(1.2 KB)
📄
user.py
(4.21 KB)
📄
user.pyc
(3.49 KB)
📄
user.pyo
(3.49 KB)
📄
var_cache.py
(4.05 KB)
📄
var_cache.pyc
(3.06 KB)
📄
var_cache.pyo
(3.06 KB)
📄
var_lib.py
(4.2 KB)
📄
var_lib.pyc
(3.2 KB)
📄
var_lib.pyo
(3.2 KB)
📄
var_log.py
(3.18 KB)
📄
var_log.pyc
(2.16 KB)
📄
var_log.pyo
(2.16 KB)
📄
var_run.py
(2.86 KB)
📄
var_run.pyc
(2.09 KB)
📄
var_run.pyo
(2.09 KB)
📄
var_spool.py
(4.04 KB)
📄
var_spool.pyc
(3.04 KB)
📄
var_spool.pyo
(3.04 KB)
Editing: network.py
# Copyright (C) 2007-2012 Red Hat # see file 'COPYING' for use and warranty information # # policygentool is a tool for the initial generation of SELinux policy # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License as # published by the Free Software Foundation; either version 2 of # the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA # 02111-1307 USA # # ########################### Type Enforcement File ############################# te_types=""" type TEMPLATETYPE_port_t; corenet_port(TEMPLATETYPE_port_t) """ te_network="""\ sysnet_dns_name_resolve(TEMPLATETYPE_t) corenet_all_recvfrom_unlabeled(TEMPLATETYPE_t) """ te_tcp="""\ allow TEMPLATETYPE_t self:tcp_socket create_stream_socket_perms; corenet_tcp_sendrecv_generic_if(TEMPLATETYPE_t) corenet_tcp_sendrecv_generic_node(TEMPLATETYPE_t) corenet_tcp_sendrecv_all_ports(TEMPLATETYPE_t) """ te_in_tcp="""\ corenet_tcp_bind_generic_node(TEMPLATETYPE_t) """ te_in_need_port_tcp="""\ allow TEMPLATETYPE_t TEMPLATETYPE_port_t:tcp_socket name_bind; """ te_out_need_port_tcp="""\ allow TEMPLATETYPE_t TEMPLATETYPE_port_t:tcp_socket name_connect; """ te_udp="""\ allow TEMPLATETYPE_t self:udp_socket { create_socket_perms listen }; corenet_udp_sendrecv_generic_if(TEMPLATETYPE_t) corenet_udp_sendrecv_generic_node(TEMPLATETYPE_t) corenet_udp_sendrecv_all_ports(TEMPLATETYPE_t) """ te_in_udp="""\ corenet_udp_bind_generic_node(TEMPLATETYPE_t) """ te_in_need_port_udp="""\ allow TEMPLATETYPE_t TEMPLATETYPE_port_t:udp_socket name_bind; """ te_out_all_ports_tcp="""\ corenet_tcp_connect_all_ports(TEMPLATETYPE_t) """ te_out_reserved_ports_tcp="""\ corenet_tcp_connect_all_rpc_ports(TEMPLATETYPE_t) """ te_out_unreserved_ports_tcp="""\ corenet_tcp_connect_all_unreserved_ports(TEMPLATETYPE_t) """ te_in_all_ports_tcp="""\ corenet_tcp_bind_all_ports(TEMPLATETYPE_t) """ te_in_reserved_ports_tcp="""\ corenet_tcp_bind_all_rpc_ports(TEMPLATETYPE_t) """ te_in_unreserved_ports_tcp="""\ corenet_tcp_bind_all_unreserved_ports(TEMPLATETYPE_t) """ te_in_all_ports_udp="""\ corenet_udp_bind_all_ports(TEMPLATETYPE_t) """ te_in_reserved_ports_udp="""\ corenet_udp_bind_all_rpc_ports(TEMPLATETYPE_t) """ te_in_unreserved_ports_udp="""\ corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t) """ if_rules="""\ ######################################## ## <summary> ## Send and receive TCP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="both" weight="10"/> # interface(`corenet_tcp_sendrecv_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:tcp_socket { send_msg recv_msg }; ') ######################################## ## <summary> ## Send UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="write" weight="10"/> # interface(`corenet_udp_send_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:udp_socket send_msg; ') ######################################## ## <summary> ## Do not audit attempts to send UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_udp_send_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') dontaudit $1 TEMPLATETYPE_port_t:udp_socket send_msg; ') ######################################## ## <summary> ## Receive UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="read" weight="10"/> # interface(`corenet_udp_receive_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:udp_socket recv_msg; ') ######################################## ## <summary> ## Do not audit attempts to receive UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_udp_receive_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') dontaudit $1 TEMPLATETYPE_port_t:udp_socket recv_msg; ') ######################################## ## <summary> ## Send and receive UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="both" weight="10"/> # interface(`corenet_udp_sendrecv_TEMPLATETYPE_port',` corenet_udp_send_TEMPLATETYPE_port($1) corenet_udp_receive_TEMPLATETYPE_port($1) ') ######################################## ## <summary> ## Do not audit attempts to send and receive ## UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_udp_sendrecv_TEMPLATETYPE_port',` corenet_dontaudit_udp_send_TEMPLATETYPE_port($1) corenet_dontaudit_udp_receive_TEMPLATETYPE_port($1) ') ######################################## ## <summary> ## Bind TCP sockets to the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_tcp_bind_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:tcp_socket name_bind; ') ######################################## ## <summary> ## Bind UDP sockets to the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_udp_bind_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:udp_socket name_bind; ') ######################################## ## <summary> ## Do not audit attempts to sbind to TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_udp_bind_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') dontaudit $1 TEMPLATETYPE_port_t:udp_socket name_bind; ') ######################################## ## <summary> ## Make a TCP connection to the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`corenet_tcp_connect_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:tcp_socket name_connect; ') ######################################## ## <summary> ## Do not audit attempts to make a TCP connection to TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`corenet_dontaudit_tcp_connect_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') dontaudit $1 TEMPLATETYPE_port_t:tcp_socket name_connect; ') ######################################## ## <summary> ## Send TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="write" weight="10"/> # interface(`corenet_send_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') allow $1 TEMPLATETYPE_client_packet_t:packet send; ') ######################################## ## <summary> ## Do not audit attempts to send TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_send_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') dontaudit $1 TEMPLATETYPE_client_packet_t:packet send; ') ######################################## ## <summary> ## Receive TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="read" weight="10"/> # interface(`corenet_receive_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') allow $1 TEMPLATETYPE_client_packet_t:packet recv; ') ######################################## ## <summary> ## Do not audit attempts to receive TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_receive_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') dontaudit $1 TEMPLATETYPE_client_packet_t:packet recv; ') ######################################## ## <summary> ## Send and receive TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="both" weight="10"/> # interface(`corenet_sendrecv_TEMPLATETYPE_client_packets',` corenet_send_TEMPLATETYPE_client_packets($1) corenet_receive_TEMPLATETYPE_client_packets($1) ') ######################################## ## <summary> ## Do not audit attempts to send and receive TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_sendrecv_TEMPLATETYPE_client_packets',` corenet_dontaudit_send_TEMPLATETYPE_client_packets($1) corenet_dontaudit_receive_TEMPLATETYPE_client_packets($1) ') ######################################## ## <summary> ## Relabel packets to TEMPLATETYPE_client the packet type. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`corenet_relabelto_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') allow $1 TEMPLATETYPE_client_packet_t:packet relabelto; ') ######################################## ## <summary> ## Send TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="write" weight="10"/> # interface(`corenet_send_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') allow $1 TEMPLATETYPE_server_packet_t:packet send; ') ######################################## ## <summary> ## Do not audit attempts to send TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_send_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') dontaudit $1 TEMPLATETYPE_server_packet_t:packet send; ') ######################################## ## <summary> ## Receive TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="read" weight="10"/> # interface(`corenet_receive_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') allow $1 TEMPLATETYPE_server_packet_t:packet recv; ') ######################################## ## <summary> ## Do not audit attempts to receive TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_receive_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') dontaudit $1 TEMPLATETYPE_server_packet_t:packet recv; ') ######################################## ## <summary> ## Send and receive TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="both" weight="10"/> # interface(`corenet_sendrecv_TEMPLATETYPE_server_packets',` corenet_send_TEMPLATETYPE_server_packets($1) corenet_receive_TEMPLATETYPE_server_packets($1) ') ######################################## ## <summary> ## Do not audit attempts to send and receive TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_sendrecv_TEMPLATETYPE_server_packets',` corenet_dontaudit_send_TEMPLATETYPE_server_packets($1) corenet_dontaudit_receive_TEMPLATETYPE_server_packets($1) ') ######################################## ## <summary> ## Relabel packets to TEMPLATETYPE_server the packet type. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`corenet_relabelto_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') allow $1 TEMPLATETYPE_server_packet_t:packet relabelto; ') """ te_rules=""" """
Upload File
Create Folder