* no-ip policy
@ 2005-07-30 8:08 shintarou_fujiwara
0 siblings, 0 replies; only message in thread
From: shintarou_fujiwara @ 2005-07-30 8:08 UTC (permalink / raw)
To: selinux mailing list
[-- Attachment #1: Type: text/plain, Size: 154 bytes --]
Hi , I'm shin from JAPAN .
I'm working on a private home-server by FC3 using no-ip DNS services. Here
I'v written down a policy for it.
Any comments ?
[-- Attachment #2: noip.fc --]
[-- Type: application/octet-stream, Size: 175 bytes --]
####################for noip##########################
/usr/local/bin/noip2 system_u:object_r:noip_exec_t
/usr/local/etc/no-ip2\.conf system_u:object_r:noip_conf_t
[-- Attachment #3: noip.te --]
[-- Type: application/octet-stream, Size: 535 bytes --]
#############for noip###############
daemon_domain(noip)
type noip_conf_t,file_type,sysadmfile;
can_network(noip_t)
uses_shlib(noip_t)
base_file_read_access(noip_t)
tmpfs_domain(noip)
rw_dir_file(noip_t,noip_conf_t)
allow noip_t noip_t:shm create_shm_perms;
allow noip_t noip_t:socket_class_set create_stream_socket_perms;
allow noip_t kernel_t:fd { use };
allow noip_t etc_t:file { read };
allow noip_t etc_t:file { getattr };
allow noip_t noip_t:capability { setgid };
allow noip_t noip_t:capability { setuid };
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2005-07-30 8:15 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-07-30 8:08 no-ip policy shintarou_fujiwara
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.