aboutsummaryrefslogtreecommitdiff
path: root/gpsd.te
diff options
context:
space:
mode:
Diffstat (limited to 'gpsd.te')
-rw-r--r--gpsd.te29
1 files changed, 0 insertions, 29 deletions
diff --git a/gpsd.te b/gpsd.te
deleted file mode 100644
index 4b22223..0000000
--- a/gpsd.te
+++ /dev/null
@@ -1,29 +0,0 @@
-# gpsd - GPS daemon
-type gpsd, domain;
-type gpsd_exec, exec_type, file_type;
-
-init_daemon_domain(gpsd)
-net_domain(gpsd)
-allow gpsd gps_data_file:dir rw_dir_perms;
-allow gpsd gps_data_file:notdevfile_class_set create_file_perms;
-# Socket is created by the daemon, not by init, and under /data/gps,
-# not under /dev/socket.
-type_transition gpsd gps_data_file:sock_file gps_socket;
-allow gpsd gps_socket:sock_file create_file_perms;
-# XXX Label sysfs files with a specific type?
-allow gpsd sysfs:file rw_file_perms;
-
-allow gpsd gps_device:chr_file rw_file_perms;
-
-# Execute the shell or system commands.
-allow gpsd shell_exec:file rx_file_perms;
-allow gpsd system_file:file rx_file_perms;
-allow gpsd toolbox_exec:file rx_file_perms;
-
-###
-### neverallow
-###
-
-# gpsd can never have capabilities other than block_suspend
-neverallow gpsd self:capability *;
-neverallow gpsd self:capability2 ~block_suspend;
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-20 08:14:52 +0000