API tools faq
paste
Advertisement
CJM51213

Untitled

CJM51213
Oct 29th, 2016
68
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.46 KB | None | 0 0
raw download clone embed print report
  1. Found 83 semantic av rules:
  2. allow nsswitch_domain nmbd_var_run_t : sock_file { write getattr append open } ;
  3. allow nsswitch_domain sssd_var_lib_t : sock_file { write getattr append open } ;
  4. allow bacula_t var_lib_t : dir { ioctl read write getattr lock add_name remove_name search open } ;
  5. allow nsswitch_domain avahi_var_run_t : sock_file { write getattr append open } ;
  6. allow bacula_t tmp_t : dir { ioctl read write getattr lock add_name remove_name search open } ;
  7. allow bacula_t bacula_tmp_t : dir { ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open } ;
  8. allow daemon nscd_var_run_t : sock_file { write getattr append open } ;
  9. allow bacula_t bacula_log_t : dir { ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open } ;
  10. allow nsswitch_domain winbind_var_run_t : sock_file { write getattr append open } ;
  11. allow bacula_t var_run_t : dir { ioctl read write getattr lock add_name remove_name search open } ;
  12. allow daemon initrc_tmp_t : file { ioctl read write getattr lock append } ;
  13. allow domain puppet_tmp_t : file { ioctl read write getattr lock append } ;
  14. allow bacula_t mysqld_var_run_t : sock_file { write getattr append open } ;
  15. allow domain setrans_var_run_t : sock_file { write getattr append open } ;
  16. allow bacula_t bacula_store_t : file { ioctl read write create getattr setattr lock append unlink link rename open } ;
  17. allow daemon abrt_var_run_t : sock_file { write getattr append open } ;
  18. allow bacula_t bacula_spool_t : file { ioctl read write create getattr setattr lock append unlink link rename open } ;
  19. allow nsswitch_domain nslcd_var_run_t : sock_file { write getattr append open } ;
  20. allow daemon init_var_run_t : sock_file write ;
  21. allow syslog_client_type devlog_t : sock_file { write getattr append open } ;
  22. allow bacula_t bacula_var_run_t : file { ioctl read write create getattr setattr lock append unlink link rename open } ;
  23. allow bacula_t avahi_var_run_t : sock_file { write getattr append open } ;
  24. allow daemon initrc_devpts_t : chr_file { ioctl read write getattr lock append open } ;
  25. allow bacula_t bacula_var_lib_t : dir { ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open } ;
  26. allow bacula_t slapd_var_run_t : sock_file { write getattr append open } ;
  27. allow daemon puppet_tmp_t : file { ioctl read write getattr lock append } ;
  28. allow nsswitch_domain lsassd_var_socket_t : sock_file { write getattr append open } ;
  29. allow bacula_t bacula_tmp_t : file { ioctl read write create getattr setattr lock append unlink link rename open } ;
  30. allow domain afs_cache_t : file { read write } ;
  31. allow domain var_run_t : fifo_file write ;
  32. allow bacula_t var_log_t : dir { ioctl read write getattr lock add_name remove_name search open } ;
  33. allow bacula_t bacula_store_t : lnk_file { ioctl read write create getattr setattr lock append unlink link rename } ;
  34. allow bacula_t bacula_spool_t : dir { ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open } ;
  35. allow bacula_t postgresql_tmp_t : sock_file { write getattr append open } ;
  36. allow daemon user_cron_spool_t : file { ioctl read write getattr lock append } ;
  37. allow bacula_t bacula_store_t : dir { ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open } ;
  38. allow domain rpm_script_tmp_t : fifo_file { ioctl read write getattr lock append } ;
  39. allow bacula_t postgresql_var_run_t : sock_file { write getattr append open } ;
  40. allow bacula_t bacula_var_lib_t : file { ioctl read write create getattr setattr lock append unlink link rename open } ;
  41. allow syslog_client_type syslogd_var_run_t : sock_file { write getattr append open } ;
  42. DT allow daemon root_t : dir { ioctl read write getattr lock add_name remove_name search open } ; [ daemons_dump_core ]
  43. DT allow daemon cluster_var_run_t : dir { ioctl read write getattr lock add_name remove_name search open } ; [ daemons_enable_cluster_mode ]
  44. DT allow userdom_home_manager_type nfs_t : dir { ioctl read write getattr lock add_name remove_name search open } ; [ use_nfs_home_dirs ]
  45. DT allow userdom_home_manager_type nfs_t : dir { ioctl read write getattr lock add_name remove_name search open } ; [ use_nfs_home_dirs ]
  46. DT allow userdom_home_manager_type nfs_t : dir { ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open } ; [ use_nfs_home_dirs ]
  47. DT allow userdom_home_manager_type fusefs_t : dir { ioctl read write getattr lock add_name remove_name search open } ; [ use_fusefs_home_dirs ]
  48. DT allow userdom_home_manager_type fusefs_t : dir { ioctl read write getattr lock add_name remove_name search open } ; [ use_fusefs_home_dirs ]
  49. DT allow userdom_home_manager_type fusefs_t : dir { ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open } ; [ use_fusefs_home_dirs ]
  50. DT allow daemon cluster_tmp_t : file { ioctl read write getattr lock append } ; [ daemons_enable_cluster_mode ]
  51. DT allow userdom_home_manager_type ecryptfs_t : lnk_file { ioctl read write create getattr setattr lock append unlink link rename } ; [ use_ecryptfs_home_dirs ]
  52. DT allow daemon root_t : file { ioctl read write create getattr setattr lock append unlink link rename open } ; [ daemons_dump_core ]
  53. DF allow nsswitch_domain nscd_var_run_t : sock_file { write getattr append open } ; [ nscd_use_shm ]
  54. DF allow nsswitch_domain nscd_var_run_t : sock_file { write getattr append open } ; [ nscd_use_shm ]
  55. ET allow nsswitch_domain nscd_var_run_t : sock_file { write getattr append open } ; [ nscd_use_shm ]
  56. ET allow nsswitch_domain nscd_var_run_t : sock_file { write getattr append open } ; [ nscd_use_shm ]
  57. DT allow daemon devpts_t : chr_file { ioctl read write getattr lock append open } ; [ daemons_use_tty ]
  58. DT allow userdom_home_manager_type ecryptfs_t : dir { ioctl read write getattr lock add_name remove_name search open } ; [ use_ecryptfs_home_dirs ]
  59. DT allow userdom_home_manager_type ecryptfs_t : dir { ioctl read write getattr lock add_name remove_name search open } ; [ use_ecryptfs_home_dirs ]
  60. DT allow userdom_home_manager_type ecryptfs_t : dir { ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open } ; [ use_ecryptfs_home_dirs ]
  61. DT allow userdom_home_manager_type ecryptfs_t : dir { ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open } ; [ use_ecryptfs_home_dirs ]
  62. DT allow userdom_home_manager_type ecryptfs_t : dir { ioctl read write getattr lock add_name remove_name search open } ; [ use_ecryptfs_home_dirs ]
  63. DT allow nsswitch_domain slapd_var_run_t : sock_file { write getattr append open } ; [ authlogin_nsswitch_use_ldap ]
  64. DF allow bacula_t nscd_var_run_t : sock_file { write getattr append open } ; [ nscd_use_shm ]
  65. ET allow bacula_t nscd_var_run_t : sock_file { write getattr append open } ; [ nscd_use_shm ]
  66. DT allow daemon cluster_conf_t : file { ioctl read write create getattr setattr lock append unlink link rename open } ; [ daemons_enable_cluster_mode ]
  67. DT allow userdom_home_manager_type nfs_t : lnk_file { ioctl read write create getattr setattr lock append unlink link rename } ; [ use_nfs_home_dirs ]
  68. DT allow daemon cluster_var_run_t : file { ioctl read write create getattr setattr lock append unlink link rename open } ; [ daemons_enable_cluster_mode ]
  69. DT allow daemon cluster_var_lib_t : file { ioctl read write create getattr setattr lock append unlink link rename open } ; [ daemons_enable_cluster_mode ]
  70. DT allow userdom_home_manager_type cifs_t : dir { ioctl read write getattr lock add_name remove_name search open } ; [ use_samba_home_dirs ]
  71. DT allow userdom_home_manager_type cifs_t : dir { ioctl read write getattr lock add_name remove_name search open } ; [ use_samba_home_dirs ]
  72. DT allow userdom_home_manager_type cifs_t : dir { ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open } ; [ use_samba_home_dirs ]
  73. DT allow userdom_home_manager_type cifs_t : lnk_file { ioctl read write create getattr setattr lock append unlink link rename } ; [ use_samba_home_dirs ]
  74. DT allow daemon cluster_var_lib_t : dir { ioctl read write getattr lock add_name remove_name search open } ; [ daemons_enable_cluster_mode ]
  75. DT allow userdom_home_manager_type ecryptfs_t : file { ioctl read write create getattr setattr lock append unlink link rename open } ; [ use_ecryptfs_home_dirs ]
  76. ET allow nsswitch_domain pcscd_var_run_t : sock_file { write getattr append open } ; [ kerberos_enabled ]
  77. DT allow userdom_home_manager_type cifs_t : file { ioctl read write create getattr setattr lock append unlink link rename open } ; [ use_samba_home_dirs ]
  78. DT allow userdom_home_manager_type fusefs_t : file { ioctl read write create getattr setattr lock append unlink link rename open } ; [ use_fusefs_home_dirs ]
  79. DT allow daemon cluster_conf_t : dir { ioctl read write getattr lock add_name remove_name search open } ; [ daemons_enable_cluster_mode ]
  80. DT allow daemon cluster_conf_t : dir { ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open } ; [ daemons_enable_cluster_mode ]
  81. DT allow daemon cluster_conf_t : dir { ioctl read write getattr lock add_name remove_name search open } ; [ daemons_enable_cluster_mode ]
  82. DT allow userdom_home_manager_type nfs_t : file { ioctl read write create getattr setattr lock append unlink link rename open } ; [ use_nfs_home_dirs ]
  83. DT allow userdom_home_manager_type fusefs_t : lnk_file { ioctl read write create getattr setattr lock append unlink link rename } ; [ use_fusefs_home_dirs ]
  84. DT allow nsswitch_domain dirsrv_var_run_t : sock_file { write getattr append open } ; [ authlogin_nsswitch_use_ldap ]
  85.  
  86. Found 8 semantic te rules:
  87. type_transition bacula_t var_lib_t : dir bacula_var_lib_t;
  88. type_transition bacula_t tmp_t : file bacula_tmp_t;
  89. type_transition bacula_t tmp_t : dir bacula_tmp_t;
  90. type_transition bacula_t bacula_unconfined_script_exec_t : process bacula_unconfined_script_t;
  91. type_transition bacula_t var_run_t : file bacula_var_run_t;
  92. type_transition bacula_t var_log_t : dir bacula_log_t;
  93. type_transition bacula_t abrt_helper_exec_t : process abrt_helper_t;
  94. type_transition bacula_t var_log_t : file bacula_log_t;
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!