�
4]c������������@���s���d��Z��d��Z��d��Z��d��Z��d��Z��d��Z��d��Z��d��Z��d��Z��d �Z �d
�Z
�d��Z��d��Z��d��Z
�d��Z��d
�Z��d��Z��d��Z��d��Z��d��Z��d��Z��d��Z��d��Z��d��Z��d��Z��d��Z��d��Z��d��Z��d��Z��d��Z��d��Z��d��Z��d��Z �d��Z!�d �Z"�d!�Z#�d"�Z$�d#�Z%�d$�Z&�d%�Z'�d&�Z(�d'�S((���s���policy_module(TEMPLATETYPE, 1.0.0)
########################################
#
# Declarations
#
type TEMPLATETYPE_t;
type TEMPLATETYPE_exec_t;
init_daemon_domain(TEMPLATETYPE_t, TEMPLATETYPE_exec_t)
permissive TEMPLATETYPE_t;
sO���
type TEMPLATETYPE_initrc_exec_t;
init_script_file(TEMPLATETYPE_initrc_exec_t)
s#���policy_module(TEMPLATETYPE, 1.0.0)
########################################
#
# Declarations
#
type TEMPLATETYPE_t;
type TEMPLATETYPE_exec_t;
domain_type(TEMPLATETYPE_t)
domain_entry_file(TEMPLATETYPE_t, TEMPLATETYPE_exec_t)
role system_r types TEMPLATETYPE_t;
permissive TEMPLATETYPE_t;
s���policy_module(TEMPLATETYPE, 1.0.0)
########################################
#
# Declarations
#
type TEMPLATETYPE_t;
type TEMPLATETYPE_exec_t;
inetd_service_domain(TEMPLATETYPE_t, TEMPLATETYPE_exec_t)
permissive TEMPLATETYPE_t;
sa���policy_module(TEMPLATETYPE, 1.0.0)
########################################
#
# Declarations
#
attribute_role TEMPLATETYPE_roles;
roleattribute system_r TEMPLATETYPE_roles;
type TEMPLATETYPE_t;
type TEMPLATETYPE_exec_t;
application_domain(TEMPLATETYPE_t, TEMPLATETYPE_exec_t)
role TEMPLATETYPE_roles types TEMPLATETYPE_t;
permissive TEMPLATETYPE_t;
s���policy_module(TEMPLATETYPE, 1.0.0)
########################################
#
# Declarations
#
sandbox_x_domain_template(TEMPLATETYPE)
permissive TEMPLATETYPE_t;
permissive TEMPLATETYPE_client_t;
s���policy_module(TEMPLATETYPE, 1.0.0)
########################################
#
# Declarations
#
apache_content_template(TEMPLATETYPE)
permissive httpd_TEMPLATETYPE_script_t;
s���allow TEMPLATETYPE_t self:fifo_file rw_fifo_file_perms;
allow TEMPLATETYPE_t self:unix_stream_socket create_stream_socket_perms;
t����
sO���
optional_policy(`
dbus_system_domain(TEMPLATETYPE_t, TEMPLATETYPE_exec_t)
')
s���
allow TEMPLATETYPE_t self:fifo_file manage_fifo_file_perms;
allow TEMPLATETYPE_t self:unix_stream_socket create_stream_socket_perms;
s#���
auth_use_nsswitch(TEMPLATETYPE_t)
s)���
logging_send_syslog_msg(TEMPLATETYPE_t)
s)���
sysnet_dns_name_resolve(TEMPLATETYPE_t)
s*���
auth_domtrans_chk_passwd(TEMPLATETYPE_t)
s����
mta_send_mail(TEMPLATETYPE_t)
sg���
optional_policy(`
dbus_system_bus_client(TEMPLATETYPE_t)
dbus_connect_system_bus(TEMPLATETYPE_t)
')
s4���
optional_policy(`
kerberos_use(TEMPLATETYPE_t)
')
s{���
optional_policy(`
kerberos_keytab_template(TEMPLATETYPE, TEMPLATETYPE_t)
kerberos_manage_host_rcache(TEMPLATETYPE_t)
')
s)���
logging_send_audit_msgs(TEMPLATETYPE_t)
sj���
optional_policy(`
gen_require(`
type USER_t;
role USER_r;
')
TEMPLATETYPE_run(USER_t, USER_r)
')
s,���
domain_use_interactive_fds(TEMPLATETYPE_t)
s&���
files_read_etc_files(TEMPLATETYPE_t)
s-���
miscfiles_read_localization(TEMPLATETYPE_t)
s.���
## policy for TEMPLATETYPEs���
########################################
##
## Execute TEMPLATETYPE_exec_t in the TEMPLATETYPE domain.
##
##
##
## Domain allowed to transition.
##
##
#
interface(`TEMPLATETYPE_domtrans',`
gen_require(`
type TEMPLATETYPE_t, TEMPLATETYPE_exec_t;
')
corecmd_search_bin($1)
domtrans_pattern($1, TEMPLATETYPE_exec_t, TEMPLATETYPE_t)
')
######################################
##
## Execute TEMPLATETYPE in the caller domain.
##
##
##
## Domain allowed access.
##
##
#
interface(`TEMPLATETYPE_exec',`
gen_require(`
type TEMPLATETYPE_exec_t;
')
corecmd_search_bin($1)
can_exec($1, TEMPLATETYPE_exec_t)
')
sk���
########################################
##
## Execute TEMPLATETYPE in the TEMPLATETYPE domain, and
## allow the specified role the TEMPLATETYPE domain.
##
##
##
## Domain allowed to transition
##
##
##
##
## The role to be allowed the TEMPLATETYPE domain.
##
##
#
interface(`TEMPLATETYPE_run',`
gen_require(`
type TEMPLATETYPE_t;
attribute_role TEMPLATETYPE_roles;
')
TEMPLATETYPE_domtrans($1)
roleattribute $2 TEMPLATETYPE_roles;
')
########################################
##
## Role access for TEMPLATETYPE
##
##
##
## Role allowed access
##
##
##
##
## User domain for the role
##
##
#
interface(`TEMPLATETYPE_role',`
gen_require(`
type TEMPLATETYPE_t;
attribute_role TEMPLATETYPE_roles;
')
roleattribute $1 TEMPLATETYPE_roles;
TEMPLATETYPE_domtrans($2)
ps_process_pattern($2, TEMPLATETYPE_t)
allow $2 TEMPLATETYPE_t:process { signull signal sigkill };
')
s���
########################################
##
## Execute sandbox in the TEMPLATETYPE_t domain, and
## allow the specified role the TEMPLATETYPE_t domain.
##
##
##
## Domain allowed to transition.
##
##
##
##
## The role to be allowed the TEMPLATETYPE_t domain.
##
##
#
interface(`TEMPLATETYPE_transition',`
gen_require(`
type TEMPLATETYPE_t;
type TEMPLATETYPE_client_t;
')
allow $1 TEMPLATETYPE_t:process { signal_perms transition };
dontaudit $1 TEMPLATETYPE_t:process { noatsecure siginh rlimitinh };
role $2 types TEMPLATETYPE_t;
role $2 types TEMPLATETYPE_client_t;
allow TEMPLATETYPE_t $1:process { sigchld signull };
allow TEMPLATETYPE_t $1:fifo_file rw_inherited_fifo_file_perms;
allow TEMPLATETYPE_client_t $1:process { sigchld signull };
allow TEMPLATETYPE_client_t $1:fifo_file rw_inherited_fifo_file_perms;
')
s>���
########################################
##
## Change to the TEMPLATETYPE role.
##
##
##
## Role allowed access.
##
##
##
#
interface(`TEMPLATETYPE_role_change',`
gen_require(`
role TEMPLATETYPE_r;
')
allow $1 TEMPLATETYPE_r;
')
s���
########################################
##
## Execute TEMPLATETYPE server in the TEMPLATETYPE domain.
##
##
##
## Domain allowed access.
##
##
#
interface(`TEMPLATETYPE_initrc_domtrans',`
gen_require(`
type TEMPLATETYPE_initrc_exec_t;
')
init_labeled_script_domtrans($1, TEMPLATETYPE_initrc_exec_t)
')
s���
########################################
##
## Send and receive messages from
## TEMPLATETYPE over dbus.
##
##
##
## Domain allowed access.
##
##
#
interface(`TEMPLATETYPE_dbus_chat',`
gen_require(`
type TEMPLATETYPE_t;
class dbus send_msg;
')
allow $1 TEMPLATETYPE_t:dbus send_msg;
allow TEMPLATETYPE_t $1:dbus send_msg;
')
s���
########################################
##
## All of the rules required to administrate
## an TEMPLATETYPE environment
##
##
##
## Domain allowed access.
##
##
##
##
## Role allowed access.
##
##
##
#
interface(`TEMPLATETYPE_admin',`
gen_require(`
type TEMPLATETYPE_t;s���
')
allow $1 TEMPLATETYPE_t:process { signal_perms };
ps_process_pattern($1, TEMPLATETYPE_t)
tunable_policy(`deny_ptrace',`',`
allow $1 TEMPLATETYPE_t:process ptrace;
')
s#���
type TEMPLATETYPE_initrc_exec_t;s���
TEMPLATETYPE_initrc_domtrans($1)
domain_system_change_exemption($1)
role_transition $2 TEMPLATETYPE_initrc_exec_t system_r;
allow $2 system_r;
sb��� optional_policy(`
systemd_passwd_agent_exec($1)
systemd_read_fifo_file_passwd_run($1)
')
')
sE���EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_exec_t,s0)
s ���# No file context, leave blank
sK���EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_initrc_exec_t,s0)
N()���t����te_daemon_typest����te_initscript_typest����te_dbusd_typest����te_inetd_typest����te_userapp_typest����te_sandbox_typest����te_cgi_typest����te_daemon_rulest����te_inetd_rulest����te_dbusd_rulest����te_userapp_rulest����te_cgi_rulest����te_sandbox_rulest����te_uid_rulest����te_syslog_rulest����te_resolve_rulest����te_pam_rulest
���te_mail_rulest
���te_dbus_rulest����te_kerberos_rulest����te_manage_krb5_rcache_rulest����te_audit_rulest����te_run_rulest����te_fd_rulest����te_etc_rulest����te_localization_rulest����if_heading_rulest����if_program_rulest����if_user_program_rulest����if_sandbox_rulest����if_role_change_rulest����if_initscript_rulest
���if_dbus_rulest����if_begin_admint����if_middle_admint����if_initscript_admin_typest����if_initscript_admint����if_end_admint
���fc_programt����fc_usert
���fc_initscript(����(����(����sC���/usr/lib64/python2.7/site-packages/sepolicy/templates/executable.pyt����$���sP��������������
�����������������������������������������)�9�#����������������������