Add bf1942

diff --git a/bf1942/bf1942.fc b/bf1942/bf1942.fc
new file mode 100644 (file)
index 0000000..f01b483
--- /dev/null
+++ b/bf1942/bf1942.fc
@@ -0,0 +1,5 @@
+/etank/games/bf1942/bf1942/serverfiles/bf1942_lnxded.*                 -- gen_context(system_u:object_r:bf1942_exec_t,s0)
+/etank/games/bf1942/bf1942(/.*)?                                          gen_context(system_u:object_r:bf1942_ro_t,s0)
+/etank/games/bf1942/bf1942/serverfiles/mods/[^/]+/settings                gen_context(system_u:object_r:bf1942_rw_t,s0)
+/etank/games/bf1942/bf1942/serverfiles/mods/[^/]+/logs(/.*)?              gen_context(system_u:object_r:bf1942_rw_t,s0)
+/etank/games/bf1942/bf1942/serverfiles/mods/[^/]+/settings/maplist.con    gen_context(system_u:object_r:bf1942_rw_t,s0)

diff --git a/bf1942/bf1942.if b/bf1942/bf1942.if
new file mode 120000 (symlink)
index 0000000..196caaa
--- /dev/null
+++ b/bf1942/bf1942.if
@@ -0,0 +1 @@
+../include/_sky_.if
\ No newline at end of file

diff --git a/bf1942/bf1942.te b/bf1942/bf1942.te
new file mode 100644 (file)
index 0000000..54b98fb
--- /dev/null
+++ b/bf1942/bf1942.te
@@ -0,0 +1,30 @@
+policy_module(bf1942, 0.1.4)
+
+# File context for the executable process
+type bf1942_t;
+type bf1942_exec_t;
+
+type bf1942_rw_t;
+files_type(bf1942_rw_t)
+
+type bf1942_ro_t;
+files_type(bf1942_ro_t)
+
+init_daemon_domain(bf1942_t, bf1942_exec_t)
+
+corenet_udp_sendrecv_generic_port(bf1942_t)
+corenet_udp_bind_generic_port(bf1942_t)
+corenet_udp_bind_generic_node(bf1942_t)
+
+read_files_pattern(bf1942_t, bf1942_ro_t, bf1942_ro_t)
+read_lnk_files_pattern(bf1942_t, bf1942_ro_t, bf1942_ro_t)
+list_dirs_pattern(bf1942_t, bf1942_ro_t, bf1942_ro_t)
+
+manage_files_pattern(bf1942_t, bf1942_rw_t, bf1942_rw_t)
+manage_dirs_pattern(bf1942_t, bf1942_rw_t, bf1942_rw_t)
+setattr_files_pattern(bf1942_t, bf1942_rw_t, bf1942_rw_t)
+
+sysnet_dns_name_resolve(bf1942_t)
+
+kernel_read_system_state(bf1942_t)
+allow bf1942_t self:process execmem;