marvell/services/selinux-policy/src/initscript/rcacme.cil - T108 - Gitiles

 ;; -*- mode: CIL; fill-column: 79; indent-tabs-mode: nil; -*-
 ;; SPDX-FileCopyrightText: © 2021 Dominick Grift <dominick.grift@defensec.nl>
 ;; SPDX-License-Identifier: Unlicense

 (in .sys
     (call .rcacme.subj_type_transition (subj)))

 (in .file
     (call .rcacme.obj_type_transition_initscriptfile
           (unconfined.subj_typeattr)))

 (block rcacme

        ;;
        ;; Contexts
        ;;

        (filecon
         "/etc/init\.d/acme"
         file
         initscriptfile_file_context)

        ;;
        ;; Macros
        ;;

        (macro obj_type_transition_initscriptfile ((type ARG1))
               (call .file.initscriptfile_obj_type_transition
                     (ARG1 initscriptfile file "acme")))

        ;;
        ;; Policy
        ;;

        (blockinherit .initscript.base_template)

        (call .acme.manage_runtimetmpfile_files (subj))
        (call .acme.obj_type_transition_runtimetmpfile (subj))

        (call .tmpfile.deletename_runtimetmpfile_dirs (subj)))
	;; -- mode: CIL; fill-column: 79; indent-tabs-mode: nil; --
	;; SPDX-FileCopyrightText: © 2021 Dominick Grift <dominick.grift@defensec.nl>
	;; SPDX-License-Identifier: Unlicense

	(in .sys
	(call .rcacme.subj_type_transition (subj)))

	(in .file
	(call .rcacme.obj_type_transition_initscriptfile
	(unconfined.subj_typeattr)))

	(block rcacme

	;;
	;; Contexts
	;;

	(filecon
	"/etc/init\.d/acme"
	file
	initscriptfile_file_context)

	;;
	;; Macros
	;;

	(macro obj_type_transition_initscriptfile ((type ARG1))
	(call .file.initscriptfile_obj_type_transition
	(ARG1 initscriptfile file "acme")))

	;;
	;; Policy
	;;

	(blockinherit .initscript.base_template)

	(call .acme.manage_runtimetmpfile_files (subj))
	(call .acme.obj_type_transition_runtimetmpfile (subj))

	(call .tmpfile.deletename_runtimetmpfile_dirs (subj)))