aboutsummaryrefslogtreecommitdiff
path: root/contrib/rpm/bitcoin.if
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/rpm/bitcoin.if')
-rw-r--r--contrib/rpm/bitcoin.if157
1 files changed, 157 insertions, 0 deletions
diff --git a/contrib/rpm/bitcoin.if b/contrib/rpm/bitcoin.if
new file mode 100644
index 0000000000..2b096c24dc
--- /dev/null
+++ b/contrib/rpm/bitcoin.if
@@ -0,0 +1,157 @@
+
+## <summary>policy for bitcoin</summary>
+
+
+########################################
+## <summary>
+## Transition to bitcoin.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed to transition.
+## </summary>
+## </param>
+#
+interface(`bitcoin_domtrans',`
+ gen_require(`
+ type bitcoin_t, bitcoin_exec_t;
+ ')
+
+ corecmd_search_bin($1)
+ domtrans_pattern($1, bitcoin_exec_t, bitcoin_t)
+')
+
+
+########################################
+## <summary>
+## Execute bitcoin server in the bitcoin domain.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`bitcoin_initrc_domtrans',`
+ gen_require(`
+ type bitcoin_initrc_exec_t;
+ ')
+
+ init_labeled_script_domtrans($1, bitcoin_initrc_exec_t)
+')
+
+
+########################################
+## <summary>
+## Search bitcoin lib directories.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`bitcoin_search_lib',`
+ gen_require(`
+ type bitcoin_var_lib_t;
+ ')
+
+ allow $1 bitcoin_var_lib_t:dir search_dir_perms;
+ files_search_var_lib($1)
+')
+
+########################################
+## <summary>
+## Read bitcoin lib files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`bitcoin_read_lib_files',`
+ gen_require(`
+ type bitcoin_var_lib_t;
+ ')
+
+ files_search_var_lib($1)
+ read_files_pattern($1, bitcoin_var_lib_t, bitcoin_var_lib_t)
+')
+
+########################################
+## <summary>
+## Manage bitcoin lib files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`bitcoin_manage_lib_files',`
+ gen_require(`
+ type bitcoin_var_lib_t;
+ ')
+
+ files_search_var_lib($1)
+ manage_files_pattern($1, bitcoin_var_lib_t, bitcoin_var_lib_t)
+')
+
+########################################
+## <summary>
+## Manage bitcoin lib directories.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`bitcoin_manage_lib_dirs',`
+ gen_require(`
+ type bitcoin_var_lib_t;
+ ')
+
+ files_search_var_lib($1)
+ manage_dirs_pattern($1, bitcoin_var_lib_t, bitcoin_var_lib_t)
+')
+
+
+########################################
+## <summary>
+## All of the rules required to administrate
+## an bitcoin environment
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access.
+## </summary>
+## </param>
+## <rolecap/>
+#
+interface(`bitcoin_admin',`
+ gen_require(`
+ type bitcoin_t;
+ type bitcoin_initrc_exec_t;
+ type bitcoin_var_lib_t;
+ ')
+
+ allow $1 bitcoin_t:process { ptrace signal_perms };
+ ps_process_pattern($1, bitcoin_t)
+
+ bitcoin_initrc_domtrans($1)
+ domain_system_change_exemption($1)
+ role_transition $2 bitcoin_initrc_exec_t system_r;
+ allow $2 system_r;
+
+ files_search_var_lib($1)
+ admin_pattern($1, bitcoin_var_lib_t)
+
+')
+
generated by cgit v1.2.3 (git 2.26.2) at 2024-11-01 23:21:06 +0000