Added interfaces for etc and etc_shared

This commit is contained in:
Eric Renfro 2015-11-23 19:04:56 -05:00
parent edf4a3bc73
commit 7a6f7d3a04
2 changed files with 36 additions and 1 deletions

2
.gitignore vendored
View file

@ -1,4 +1,4 @@
Makefile Makefile
tmp tmp
*.pp *.pp
.*.swp

View file

@ -79,3 +79,38 @@ interface(`ossec_write_log',`
allow $1 ossec_log_t:file write; allow $1 ossec_log_t:file write;
') ')
interface(`ossec_read_config',`
gen_require(`
type ossec_etc_t;
')
search_dirs_pattern($1, ossec_etc_t, ossec_etc_t)
read_lnk_files_pattern($1, ossec_etc_t, ossec_etc_t)
read_files_pattern($1, ossec_etc_t, ossec_etc_t)
sysnet_read_config($1)
')
interface(`ossec_read_etc_shared',`
gen_require(`
type ossec_etc_t;
type ossec_etc_share_t;
')
search_dirs_pattern($1, ossec_etc_t, ossec_etc_t)
search_dirs_pattern($1, ossec_etc_share_t, ossec_etc_share_t)
read_files_pattern($1, ossec_etc_share_t, ossec_etc_share_t)
')
interface(`ossec_manage_etc_shared',`
gen_require(`
type ossec_etc_t;
type ossec_etc_share_t;
')
search_dirs_pattern($1, ossec_etc_t, ossec_etc_t)
search_dirs_pattern($1, ossec_etc_share_t, ossec_etc_share_t)
manage_files_pattern($1, ossec_etc_share_t, ossec_etc_share_t)
')