-policy_module(cod4, 0.1.24)
+policy_module(cod4, 0.1.26)
# File context for the executable process
type cod4_t;
corenet_udp_bind_generic_port(cod4_t)
corenet_udp_bind_generic_node(cod4_t)
-allow cod4_t cod4_ro_t:dir list_dir_perms;
-allow cod4_t cod4_ro_t:file read_file_perms;
+read_files_pattern(cod4_t, cod4_ro_t, cod4_ro_t)
manage_files_pattern(cod4_t, cod4_rw_t, cod4_rw_t)
manage_dirs_pattern(cod4_t, cod4_rw_t, cod4_rw_t)
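Review bot: `read_files_pattern(cod4_t, cod4_ro_t, cod4_ro_t)` is not an exact replacement for the two removed `allow` rules. In the reference policy this macro grants `search_dir_perms` on the directory type rather than `list_dir_perms`, so cod4_t can no longer read directory contents under cod4_ro_t. That is a sensible tightening if the server only opens files by known path, but if it enumerates its data directories the module will start logging AVC denials for `dir { read }`; in that case add `list_dirs_pattern(cod4_t, cod4_ro_t, cod4_ro_t)` beside it. The same substitution is made for quake2, tesseract, tf2, ts3 and ut2004 further down, so each should be run in permissive mode with the audit log checked before enforcing. A one-line comment above the macro, such as `# dir listing on cod4_ro_t dropped on purpose; search only`, would record the intent.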
+++ /dev/null
-## <summary></summary>
--- /dev/null
+../include/_sky_.if
\ No newline at end of file
-policy_module(q3a, 0.1.19)
+policy_module(q3a, 0.1.23)
# File context for the executable process
type q3a_t;
type q3a_ro_t;
files_type(q3a_ro_t)
-type q3a_tmp_t;
-files_tmp_file(q3a_tmp_t)
+_sky_files_use_tmp(q3a_t, q3a_tmp_t)
init_daemon_domain(q3a_t, q3a_exec_t)
corenet_udp_bind_generic_port(q3a_t)
corenet_udp_bind_generic_node(q3a_t)
+read_files_pattern(q3a_t, q3a_ro_t, q3a_ro_t)
+
allow q3a_t q3a_ro_t:dir list_dir_perms;
allow q3a_t q3a_ro_t:file read_file_perms;
-allow q3a_t q3a_tmp_t:file manage_file_perms;
-allow q3a_t q3a_tmp_t:dir manage_dir_perms;
manage_files_pattern(q3a_t, q3a_rw_t, q3a_rw_t)
manage_dirs_pattern(q3a_t, q3a_rw_t, q3a_rw_t)
setattr_files_pattern(q3a_t, q3a_rw_t, q3a_rw_t)
sysnet_dns_name_resolve(q3a_t)
-files_tmp_filetrans(q3a_t, q3a_tmp_t, { file dir})
dev_read_urand(q3a_t)
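Review bot: The old `allow q3a_t q3a_ro_t:dir list_dir_perms;` and `allow q3a_t q3a_ro_t:file read_file_perms;` rules are still present after the added `read_files_pattern(q3a_t, q3a_ro_t, q3a_ro_t)`. The file read permission is therefore granted twice, and q3a keeps the directory listing that the sibling modules in this commit give up. Either remove the two `allow` lines to match the other modules, or drop the new macro line and add a comment saying why q3a needs `list_dir_perms`. Separately, `_sky_files_use_tmp(q3a_t, q3a_tmp_t)` now replaces the type declaration, `files_tmp_file`, both manage rules and the `files_tmp_filetrans(..., { file dir})` transition. Its definition is not visible in this diff, so confirm it covers both the file and dir classes.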
+++ /dev/null
-## <summary></summary>
--- /dev/null
+../include/_sky_.if
\ No newline at end of file
-policy_module(quake2, 0.1.5)
+policy_module(quake2, 0.1.9)
# File context for the executable process
type quake2_t;
type quake2_ro_t;
files_type(quake2_ro_t)
-type quake2_tmp_t;
-files_tmp_file(quake2_tmp_t)
+_sky_files_use_tmp(quake2_t, quake2_tmp_t)
init_daemon_domain(quake2_t, quake2_exec_t)
corenet_udp_bind_generic_port(quake2_t)
corenet_udp_bind_generic_node(quake2_t)
-allow quake2_t quake2_ro_t:dir list_dir_perms;
-allow quake2_t quake2_ro_t:file read_file_perms;
-#allow quake2_t quake2_tmp_t:file manage_file_perms;
-#allow quake2_t quake2_tmp_t:dir manage_dir_perms;
+read_files_pattern(quake2_t, quake2_ro_t, quake2_ro_t)
manage_files_pattern(quake2_t, quake2_rw_t, quake2_rw_t)
manage_dirs_pattern(quake2_t, quake2_rw_t, quake2_rw_t)
setattr_files_pattern(quake2_t, quake2_rw_t, quake2_rw_t)
sysnet_dns_name_resolve(quake2_t)
-files_tmp_filetrans(quake2_t, quake2_tmp_t, { file dir})
allow quake2_t self:process execmem;
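Review bot: `_sky_files_use_tmp(quake2_t, quake2_tmp_t)` probably widens quake2_t's access rather than only refactoring it. The removed `allow quake2_t quake2_tmp_t:file manage_file_perms;` and `allow quake2_t quake2_tmp_t:dir manage_dir_perms;` lines were commented out, so before this commit only the type declaration and the `files_tmp_filetrans` transition were active. If the macro grants manage permissions, as its use in place of the active rules in q3a suggests, this domain gains write access to its tmp type while already holding `self:process execmem`. The macro body is outside this diff, so this is inferred. If the widening is intended, record it above the call, e.g. `# grants manage perms on quake2_tmp_t (previously disabled)`.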
+++ /dev/null
-## <summary></summary>
--- /dev/null
+../include/_sky_.if
\ No newline at end of file
-policy_module(tesseract, 0.1.1)
+policy_module(tesseract, 0.1.3)
# File context for the executable process
type tesseract_t;
type tesseract_ro_t;
files_type(tesseract_ro_t)
-#type tesseract_tmp_t;
-#files_tmp_file(tesseract_tmp_t)
-
init_daemon_domain(tesseract_t, tesseract_exec_t)
corenet_udp_sendrecv_generic_port(tesseract_t)
corenet_udp_bind_generic_port(tesseract_t)
corenet_udp_bind_generic_node(tesseract_t)
-allow tesseract_t tesseract_ro_t:dir list_dir_perms;
-allow tesseract_t tesseract_ro_t:file read_file_perms;
-#allow tesseract_t tesseract_tmp_t:file manage_file_perms;
-#allow tesseract_t tesseract_tmp_t:dir manage_dir_perms;
-
-#manage_files_pattern(tesseract_t, tesseract_rw_t, tesseract_rw_t)
-#manage_dirs_pattern(tesseract_t, tesseract_rw_t, tesseract_rw_t)
-#setattr_files_pattern(tesseract_t, tesseract_rw_t, tesseract_rw_t)
+read_files_pattern(tesseract_t, tesseract_ro_t, tesseract_ro_t)
sysnet_dns_name_resolve(tesseract_t)
-#files_tmp_filetrans(tesseract_t, tesseract_tmp_t, { file dir})
+++ /dev/null
-## <summary></summary>
--- /dev/null
+../include/_sky_.if
\ No newline at end of file
-policy_module(tf2, 0.1.21)
+policy_module(tf2, 0.1.22)
require {
type default_t;
type tf2_ro_t;
files_type(tf2_ro_t)
-# type tf2_tmp_t;
-# files_tmp_file(tf2_tmp_t)
init_daemon_domain(tf2_t, tf2_exec_t)
corenet_tcp_bind_generic_port(tf2_t)
corenet_tcp_bind_generic_node(tf2_t)
-allow tf2_t tf2_ro_t:dir list_dir_perms;
-allow tf2_t tf2_ro_t:file read_file_perms;
-#allow tf2_t tf2_tmp_t:file manage_file_perms;
-#allow tf2_t tf2_tmp_t:dir manage_dir_perms;
+read_files_pattern(tf2_t, tf2_ro_t, tf2_ro_t)
manage_files_pattern(tf2_t, tf2_rw_t, tf2_rw_t)
manage_dirs_pattern(tf2_t, tf2_rw_t, tf2_rw_t)
setattr_files_pattern(tf2_t, tf2_rw_t, tf2_rw_t)
sysnet_dns_name_resolve(tf2_t)
-# files_tmp_filetrans(tf2_t, tf2_tmp_t, { file dir})
# Needed to load shared libs
allow tf2_t tf2_exec_t:file execmod;
+++ /dev/null
-## <summary></summary>
--- /dev/null
+../include/_sky_.if
\ No newline at end of file
-policy_module(ts3, 0.1.21)
+policy_module(ts3, 0.1.22)
# File context for the executable process
type ts3_t;
allow ts3_t self:tcp_socket { create_stream_socket_perms connected_stream_socket_perms };
-allow ts3_t ts3_ro_t:dir list_dir_perms;
-allow ts3_t ts3_ro_t:file read_file_perms;
+read_files_pattern(ts3_t, ts3_ro_t, ts3_ro_t)
manage_files_pattern(ts3_t, ts3_rw_t, ts3_rw_t)
manage_dirs_pattern(ts3_t, ts3_rw_t, ts3_rw_t)
+++ /dev/null
-## <summary></summary>
--- /dev/null
+../include/_sky_.if
\ No newline at end of file
-policy_module(ut2004, 0.1.1)
+policy_module(ut2004, 0.1.2)
require {
type interwise_port_t;
type ut2004_ro_t;
files_type(ut2004_ro_t)
-#type ut2004_tmp_t;
-#files_tmp_file(ut2004_tmp_t)
-
init_daemon_domain(ut2004_t, ut2004_exec_t)
corenet_udp_sendrecv_generic_port(ut2004_t)
corenet_udp_bind_generic_port(ut2004_t)
corenet_udp_bind_generic_node(ut2004_t)
-allow ut2004_t ut2004_ro_t:dir list_dir_perms;
-allow ut2004_t ut2004_ro_t:file read_file_perms;
-#allow ut2004_t ut2004_tmp_t:file manage_file_perms;
-#allow ut2004_t ut2004_tmp_t:dir manage_dir_perms;
+read_files_pattern(ut2004_t, ut2004_ro_t, ut2004_ro_t)
manage_files_pattern(ut2004_t, ut2004_rw_t, ut2004_rw_t)
manage_dirs_pattern(ut2004_t, ut2004_rw_t, ut2004_rw_t)