Move base directories to /var/games

[selinux.git] / quake2 / quake2.te

diff --git a/quake2/quake2.te b/quake2/quake2.te
index 8e980e5..7ceaf03 100644 (file)
--- a/quake2/quake2.te
+++ b/quake2/quake2.te
@@ -1,4 +1,8 @@
-policy_module(quake2, 0.1.9)
+policy_module(quake2, 0.1.12)
+
+require {
+    type games_data_t;
+}
 
 # File context for the executable process
 type quake2_t;
@@ -12,6 +16,7 @@ files_type(quake2_ro_t)
 
 _sky_files_use_tmp(quake2_t, quake2_tmp_t)
 
+init_domain(quake2_t, quake2_exec_t)
 init_daemon_domain(quake2_t, quake2_exec_t)
 
 corenet_udp_sendrecv_generic_port(quake2_t)
@@ -19,6 +24,7 @@ corenet_udp_bind_generic_port(quake2_t)
 corenet_udp_bind_generic_node(quake2_t)
 
 read_files_pattern(quake2_t, quake2_ro_t, quake2_ro_t)
+list_dirs_pattern(quake2_t, quake2_ro_t, quake2_ro_t)
 
 manage_files_pattern(quake2_t, quake2_rw_t, quake2_rw_t)
 manage_dirs_pattern(quake2_t, quake2_rw_t, quake2_rw_t)
@@ -27,3 +33,5 @@ setattr_files_pattern(quake2_t, quake2_rw_t, quake2_rw_t)
 sysnet_dns_name_resolve(quake2_t)
 
 allow quake2_t self:process execmem;
+
+list_dirs_pattern(quake2_t, games_data_t, games_data_t)