initial commit

author: Toni Uhlig <matzeton@googlemail.com> 2017-11-04 17:43:22 +0100
committer: Toni Uhlig <matzeton@googlemail.com> 2017-11-04 17:43:22 +0100
commit: 168e28e950f8540b287aa095f03ce37f4e3811e1 (patch)
tree: e76829264efa3eb11864e75eaade1b966b6ae011 /selinux
4 files changed, 26 insertions, 0 deletions
diff --git a/selinux/CVS/Entries b/selinux/CVS/Entries
new file mode 100644
index 0000000..32b83d2
--- /dev/null
+++ b/selinux/CVS/Entries
@@ -0,0 +1,2 @@
+/ptunnel.te/1.1/Mon Jun 22 08:09:46 2009//
+D
diff --git a/selinux/CVS/Repository b/selinux/CVS/Repository
new file mode 100644
index 0000000..f41a656
--- /dev/null
+++ b/selinux/CVS/Repository
@@ -0,0 +1 @@
+pingtunnel/selinux
diff --git a/selinux/CVS/Root b/selinux/CVS/Root
new file mode 100644
index 0000000..d2a18e8
--- /dev/null
+++ b/selinux/CVS/Root
@@ -0,0 +1 @@
+:ext:daniels@lgserv3.stud.cs.uit.no:/users/daniels/cvsroot
diff --git a/selinux/ptunnel.te b/selinux/ptunnel.te
new file mode 100644
index 0000000..995c765
--- /dev/null
+++ b/selinux/ptunnel.te
@@ -0,0 +1,22 @@
+policy_module(ptunnel, 1.7)
+
+require {
+	type initrc_t;
+	type unconfined_t;
+	type unlabeled_t;
+	class tcp_socket { read write create connect };
+	class association recvfrom;
+	class rawip_socket { write read };
+}
+
+type ptunnel_t;
+domain_dyntrans_type(initrc_t)
+
+allow ptunnel_t self:tcp_socket { read write create connect };
+allow ptunnel_t unconfined_t:rawip_socket { write read };
+allow ptunnel_t unlabeled_t:association recvfrom;
+corenet_tcp_sendrecv_generic_if(ptunnel_t)
+corenet_tcp_sendrecv_ssh_port(ptunnel_t)
+corenet_raw_receive_generic_node(ptunnel_t)
+corenet_tcp_connect_ssh_port(ptunnel_t)
+corenet_tcp_sendrecv_lo_node(ptunnel_t)
author	Toni Uhlig <matzeton@googlemail.com>	2017-11-04 17:43:22 +0100
committer	Toni Uhlig <matzeton@googlemail.com>	2017-11-04 17:43:22 +0100
commit	168e28e950f8540b287aa095f03ce37f4e3811e1 (patch)
tree	e76829264efa3eb11864e75eaade1b966b6ae011 /selinux