diff options
author | 2017-06-08 16:16:15 +0200 | |
---|---|---|
committer | 2017-06-13 16:02:15 +0800 | |
commit | b0d06664412c0c7baee2b8e12a26206d05a1ee02 (patch) | |
tree | 60fffa294d0c3febeae4a06124b7833c45b3220d /policy/modules/services | |
parent | miscfiles: Module version bump for patch from Luis Ressel. (diff) | |
download | hardened-refpolicy-b0d06664412c0c7baee2b8e12a26206d05a1ee02.tar.gz hardened-refpolicy-b0d06664412c0c7baee2b8e12a26206d05a1ee02.tar.bz2 hardened-refpolicy-b0d06664412c0c7baee2b8e12a26206d05a1ee02.zip |
rkhunter: add interfaces for rkhunter module and sysadm permit
Diffstat (limited to 'policy/modules/services')
-rw-r--r-- | policy/modules/services/ssh.if | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/policy/modules/services/ssh.if b/policy/modules/services/ssh.if index 3eca8306..22642eb3 100644 --- a/policy/modules/services/ssh.if +++ b/policy/modules/services/ssh.if @@ -601,6 +601,25 @@ interface(`ssh_tcp_connect',` ######################################## ## <summary> +## Execute the ssh daemon in the caller domain. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`ssh_exec_sshd',` + gen_require(` + type sshd_exec_t; + ') + + corecmd_search_bin($1) + can_exec($1, sshd_exec_t) +') + +######################################## +## <summary> ## Execute the ssh daemon sshd domain. ## </summary> ## <param name="domain"> |