selinux-policy-ubuntu-dev 0.2.20091117-0ubuntu2 / usr / share / selinux / ubuntu / include / admin / tripwire.if

This file is indexed.

/usr/share/selinux/ubuntu/include/admin/tripwire.if is in selinux-policy-ubuntu-dev 0.2.20091117-0ubuntu2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
## <summary>Tripwire file integrity checker.</summary>
## <desc>
##	<p>
##	Tripwire file integrity checker.
##	</p>
##	<p>
##	NOTE: Tripwire creates temp file in its current working directory.
##	This policy does not allow write access to home directories, so
##	users will need to either cd to a directory where they have write
##	permission, or set the TEMPDIRECTORY variable in the tripwire config
##	file.  The latter is preferable, as then the file_type_auto_trans
##	rules will kick in and label the files as private to tripwire.
##	</p>
## </desc>

########################################
## <summary>
##	Execute tripwire in the tripwire domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`tripwire_domtrans_tripwire',`
	gen_require(`
		type tripwire_t, tripwire_exec_t;
	')

	domtrans_pattern($1, tripwire_exec_t, tripwire_t)
')

########################################
## <summary>
##	Execute tripwire in the tripwire domain, and
##	allow the specified role the tripwire domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
## <param name="role">
##	<summary>
##	The role to be allowed the tripwire domain.
##	</summary>
## </param>
## <rolecap/>
#
interface(`tripwire_run_tripwire',`
	gen_require(`
		type tripwire_t;
	')

	tripwire_domtrans_tripwire($1)
	role $2 types tripwire_t;
')

########################################
## <summary>
##	Execute twadmin in the twadmin domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`tripwire_domtrans_twadmin',`
	gen_require(`
		type twadmin_t, twadmin_exec_t;
	')

	domtrans_pattern($1, twadmin_exec_t, twadmin_t)
')

########################################
## <summary>
##	Execute twadmin in the twadmin domain, and
##	allow the specified role the twadmin domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
## <param name="role">
##	<summary>
##	The role to be allowed the twadmin domain.
##	</summary>
## </param>
## <rolecap/>
#
interface(`tripwire_run_twadmin',`
	gen_require(`
		type twadmin_t;
	')

	tripwire_domtrans_twadmin($1)
	role $2 types twadmin_t;
')

########################################
## <summary>
##	Execute twprint in the twprint domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`tripwire_domtrans_twprint',`
	gen_require(`
		type twprint_t, twprint_exec_t;
	')

	domtrans_pattern($1, twprint_exec_t, twprint_t)
')

########################################
## <summary>
##	Execute twprint in the twprint domain, and
##	allow the specified role the twprint domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
## <param name="role">
##	<summary>
##	The role to be allowed the twprint domain.
##	</summary>
## </param>
## <rolecap/>
#
interface(`tripwire_run_twprint',`
	gen_require(`
		type twprint_t;
	')

	tripwire_domtrans_twprint($1)
	role $2 types twprint_t;
')

########################################
## <summary>
##	Execute siggen in the siggen domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`tripwire_domtrans_siggen',`
	gen_require(`
		type siggen_t, siggen_exec_t;
	')

	domtrans_pattern($1, siggen_exec_t, siggen_t)
')

########################################
## <summary>
##	Execute siggen in the siggen domain, and
##	allow the specified role the siggen domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
## <param name="role">
##	<summary>
##	The role to be allowed the siggen domain.
##	</summary>
## </param>
## <rolecap/>
#
interface(`tripwire_run_siggen',`
	gen_require(`
		type siggen_t;
	')

	tripwire_domtrans_siggen($1)
	role $2 types siggen_t;
')

APT Browse - Built by Thomas Orozco.