Changeset View
Changeset View
Standalone View
Standalone View
autotests/input/test.fc
1 | # Sample SELinux Labeling Policy File | 1 | # Sample SELinux Labeling Policy File | ||
---|---|---|---|---|---|
2 | 2 | | |||
3 | # Syntax of 'file_contexts' file and other SELinux configuration files: | 3 | # Syntax of 'file_contexts' file and other SELinux configuration files: | ||
4 | 4 | | |||
5 | /usr/lib/.*/program/foo\.so -- user:role:type:s0:c0 | 5 | /usr/lib/.*/program/foo\.so -- user:role:type:s0:c0-dsds.sd:sdsd | ||
6 | /.* system_u:object_r:default_t:s0 | 6 | /.* system_u:object_r:default_t:s0 | ||
7 | /sys(/.*)? system_u:object_r:sysfs_t:s0 | 7 | /sys(/.*)? system_u:object_r:sysfs_t:s0 | ||
8 | /xen(/.*)? system_u:object_r:xen_image_t:s1 | 8 | /xen(/.*)? system_u:object_r:xen_image_t:s1 | ||
9 | /mnt(/[^/]*)? -d system_u:object_r:mnt_t:s1-5 | 9 | /mnt(/[^/]*)? -d system_u:object_r:mnt_t:s1-5 | ||
10 | /mnt(/[^/]*)? -l system_u:object_r:mnt_t:s0.s2 | 10 | /mnt(/[^/]*)? -l system_u:object_r:mnt_t:s0.s2 | ||
11 | /tmp/.* <<none>> | 11 | /tmp/.* <<none>> | ||
12 | /root(/.*)? system_u:object_r:admin_home_t:s0 | 12 | /root(/.*)? system_u:object_r:admin_home_t:s0 | ||
13 | /dev/[0-9].* -c system_u:object_r:usb_device_t:s0 | 13 | /dev/[0-9].* -c system_u:object_r:usb_device_t:s0 | ||
Show All 23 Lines | |||||
37 | # Syntax of *.fc files, from the SELinux reference policy: | 37 | # Syntax of *.fc files, from the SELinux reference policy: | ||
38 | 38 | | |||
39 | /run/sudo/ts/%{USERNAME} gen_context(system_u:object_r:pam_var_run_t,s0,c0) | 39 | /run/sudo/ts/%{USERNAME} gen_context(system_u:object_r:pam_var_run_t,s0,c0) | ||
40 | /etc/aiccu\.conf -- gen_context(system_u:object_r:aiccu_etc_t,s0-s2,c1.c5) | 40 | /etc/aiccu\.conf -- gen_context(system_u:object_r:aiccu_etc_t,s0-s2,c1.c5) | ||
41 | HOME_DIR/\.mtpz-data -- gen_context(system_u:object_r:libmtp_home_t,s0) | 41 | HOME_DIR/\.mtpz-data -- gen_context(system_u:object_r:libmtp_home_t,s0) | ||
42 | /var/log/mariadb(/.*)? gen_context(system_u:object_r:mysqld_log_t,s0) | 42 | /var/log/mariadb(/.*)? gen_context(system_u:object_r:mysqld_log_t,s0) | ||
43 | /dev/dasd[^/]* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh) | 43 | /dev/dasd[^/]* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh) | ||
44 | /dev/dasd[^/]* -c gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh) | 44 | /dev/dasd[^/]* -c gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh) | ||
45 | HOME_ROOT -d gen_context(system_u:object_r:home_root_t,s0-mls_systemhigh,c1) | 45 | HOME_ROOT -d gen_context(system_u:object_r:home_root_t,s0-mls_systemhigh,s1) | ||
46 | HOME_ROOT -l gen_context(system_u:object_r:home_root_t,s0) | 46 | HOME_ROOT -l gen_context(system_u:object_r:home_root_t,s0) | ||
47 | 47 | | |||
48 | ifdef(`distro_debian',` | 48 | ifdef(`distro_debian',` | ||
49 | /run/shm -d gen_context(system_u:object_r:tmpfs_t,s0) | 49 | /run/shm -d gen_context(system_u:object_r:tmpfs_t,s0) | ||
50 | /run/shm/.* <<none>> | 50 | /run/shm/.* <<none>> | ||
51 | ') | 51 | ') | ||
52 | ifdef(`distro_suse',` | 52 | ifdef(`distro_suse',` | ||
53 | /success -- gen_context(system_u:object_r:etc_runtime_t,s0) | 53 | /success -- gen_context(system_u:object_r:etc_runtime_t,s0) | ||
54 | ') | 54 | ') | ||
55 | ifdef(`init_systemd',` | 55 | ifdef(`init_systemd',` | ||
56 | /run/tmpfiles\.d/kmod\.conf -- gen_context(system_u:object_r:kmod_tmpfiles_conf_t,s0) | 56 | /run/tmpfiles\.d/kmod\.conf -- gen_context(system_u:object_r:kmod_tmpfiles_conf_t,s0) | ||
57 | ') | 57 | ') | ||
58 | 58 | | |||
59 | # Android contexts | ||||
60 | | ||||
61 | android.hardware.light::ILight u:object_r:hal_light_hwservice:s0 | ||||
62 | android.hardware.nfc::INfc u:object_r:hal_nfc_hwservice:s0 | ||||
63 | * u:object_r:default_android_hwservice:s0 | ||||
64 | ro.boot.bootloader u:object_r:exported2_default_prop:s0 exact string | ||||
65 | sys.usb.mtp.device_type u:object_r:exported2_system_prop:s0 exact int | ||||
66 | | ||||
59 | # Tests | 67 | # Tests | ||
60 | 68 | | |||
61 | # Variables | 69 | # Variables | ||
62 | HOME_DIR/path | 70 | HOME_DIR/path | ||
63 | HOME_ROOT/path | 71 | HOME_ROOT/path | ||
64 | /path/HOME_DIR/HOME_ROOT | 72 | /path/HOME_DIR/HOME_ROOT | ||
65 | 73 | | |||
66 | # Open brackets | 74 | # Open brackets | ||
67 | /hello(world | 75 | /hello(world | ||
68 | /hello[wo | 76 | /hello[wo | ||
69 | 77 | | |||
70 | /path[^0-8]+ | 78 | /path[^0-8]+ | ||
71 | /path(hello|bye) | 79 | /path(hello|bye) | ||
72 | /path.*a+b? | 80 | /path.*a+b? | ||
73 | /path\wa\Wa\sa\da\ba\Ba\(a | 81 | /path\wa\Wa\sa\da\ba\Ba\(a | ||
74 | /usr/hi\"esc\sesc\032esc\*3esds | 82 | /usr/hi\"esc\sesc\032esc\*3esds | ||
75 | 83 | | |||
76 | # Security contexts | 84 | # Security contexts | ||
77 | user:role | 85 | user:role | ||
78 | user:role: | 86 | user:role: | ||
79 | user:role:type | 87 | user:role:type | ||
80 | user:role:type:level_sensitivity | 88 | user:role:type:level_sensitivity | ||
81 | user:role:type:level_sensitivity:level_category | 89 | user:role:type:level_sensitivity:level_category | ||
82 | user:role:type:level_sensitivity:level_category:other:other | 90 | user:role:type:level_sensitivity:level_category:other:other | ||
91 | user:role:type:level_sensitivity:level_category-sens:cat:other | ||||
92 | user:role:type:s0.s1.s3:c0.c1,c2,c3 - s5.s6:c4,c5:other | ||||
93 | user : role : type : s0 . s1 . s3 : c0 . c1 , c2 , c3 - s5 . s6 : c4 , c5 : other | ||||
94 | user:role:type:s0,other | ||||
83 | 95 | | |||
84 | (user:role:type,) | 96 | (user:role:type,) | ||
85 | (user:role:type,level_s,) | 97 | (user:role:type,level_s,) | ||
86 | (user:role:type,level_s,level_c) | 98 | (user:role:type,level_s,level_c) | ||
87 | (user:role:type,level_s,level_c,other,other,other) | 99 | (user:role:type,level_s,level_c,other,other,other) | ||
88 | (user:role:type:level_s:level_c,other,other) | 100 | (user:role:type:level_s:level_c,other,other) | ||
89 | (user:role:type:level_s:level_c:other,other,other) | 101 | (user:role:type:level_s:level_c:other,other,other) | ||
90 | 102 | | |||
Show All 14 Lines |