Gitiles
Code Review Sign In
192.168.1.100 / T108 / e958203796650e3959a43708d67534bf36f4c83b / . / marvell / services / selinux-policy / src / initscript / rcnetwork.cil
blob: 837689e71fdbeef3d256a85271f974e4d1e3c046 [file] [log] [blame]
b.liue9582032025-04-17 19:18:16 +0800[diff] [blame^]1;; -*- mode: CIL; fill-column: 79; indent-tabs-mode: nil; -*-
2;; SPDX-FileCopyrightText: © 2021 Dominick Grift <dominick.grift@defensec.nl>
3;; SPDX-License-Identifier: Unlicense
4
5(in .sys
6 (call .rcnetwork.subj_type_transition (subj)))
7
8(in .file
9 (call .rcnetwork.obj_type_transition_initscriptfile
10 (unconfined.subj_typeattr)))
11
12(block rcnetwork
13
14 ;;
15 ;; Contexts
16 ;;
17
18 (filecon
19 "/etc/init\.d/network"
20 file
21 initscriptfile_file_context)
22
23 ;;
24 ;; Macros
25 ;;
26
27 (macro obj_type_transition_initscriptfile ((type ARG1))
28 (call .file.initscriptfile_obj_type_transition
29 (ARG1 initscriptfile file "network")))
30
31 ;;
32 ;; Policy
33 ;;
34
35 (blockinherit .initscript.base_template)
36
37 (call .sys.search_sysctlfile_dirs (subj))
38
39 (call .class.search_sysfile_dirs (subj))
40
41 (call .corepattern.getattr_sysctlfile_files (subj))
42
43 (call .ifup.subj_type_transition (subj))
44
45 (call .ipv6.read_sysctlfile_files (subj))
46 (call .ipv6.search_sysctlfile_dirs (subj))
47
48 (call .kernel.search_sysctlfile_dirs (subj))
49
50 (call .net.search_sysctlfile_dirs (subj))
51
52 (call .network.list_miscfile_dirs (subj))
53 (call .network.read_miscfile_files (subj))
54
55 (call .swconfig.subj_type_transition (subj))
56
57 ;;Added by ASR
58 (call .uci.manage_conffile_dirs (subj))
59 (call .uci.manage_conffile_files (subj))
60 (call .uci.read_conffile_lnk_files (subj))
61
62 (call .wifi.subj_type_transition (subj)))