## <summary>Network Top</summary>
########################################
## <summary>
##	Execute a domain transition to run ntop.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed to transition.
##	</summary>
## </param>
#
interface(`ntop_domtrans',`
	gen_require(`
		type ntop_t;
		type ntop_exec_t;
	')

	# The caller may execute files labeled ntop_exec_t and the
	# resulting process runs in ntop_t rather than in the caller domain.
	domtrans_pattern($1, ntop_exec_t, ntop_t)
')
########################################
## <summary>
##	Execute the ntop init script with a domain transition.
## </summary>
## <param name="domain">
##	<summary>
##	The type of the process performing this action.
##	</summary>
## </param>
#
interface(`ntop_initrc_domtrans',`
	gen_require(`
		type ntop_initrc_exec_t;
	')

	# Applies to the init script label (ntop_initrc_exec_t), not to the
	# ntop daemon binary. The target domain is chosen by the init
	# module helper and is not visible in this file.
	init_labeled_script_domtrans($1, ntop_initrc_exec_t)
')
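########################################
## <summary>
##	Read ntop content in /etc
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`ntop_read_config',`
	gen_require(`
		type ntop_etc_t;
	')

	# Let the caller traverse /etc to reach the ntop configuration.
	files_search_etc($1)

	# Read-only access to files labeled ntop_etc_t. The pattern macro
	# terminates its own rules, so the call takes no trailing semicolon.
	read_files_pattern($1, ntop_etc_t, ntop_etc_t)
')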
########################################
## <summary>
##	Search ntop dirs in /var/lib
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`ntop_search_lib',`
	gen_require(`
		type ntop_var_lib_t;
	')

	# Traverse /var/lib, then traverse directories labeled
	# ntop_var_lib_t. No file access is granted by this interface.
	files_search_var_lib($1)
	search_dirs_pattern($1, ntop_var_lib_t, ntop_var_lib_t)
')
########################################
## <summary>
##	Read ntop files in /var/lib
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`ntop_read_lib_files',`
	gen_require(`
		type ntop_var_lib_t;
	')

	# Traverse /var/lib, then read (not modify) files labeled
	# ntop_var_lib_t.
	files_search_var_lib($1)
	read_files_pattern($1, ntop_var_lib_t, ntop_var_lib_t)
')
########################################
## <summary>
##	Manage ntop files in /var/lib
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`ntop_manage_lib_files',`
	gen_require(`
		type ntop_var_lib_t;
	')

	# Traverse /var/lib, then create, modify and delete files labeled
	# ntop_var_lib_t. This is write access to ntop state, so callers
	# that only need to read should use ntop_read_lib_files instead.
	files_search_var_lib($1)
	manage_files_pattern($1, ntop_var_lib_t, ntop_var_lib_t)
')
########################################
## <summary>
##	All of the rules required to administrate
##	an ntop environment
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
## <param name="role">
##	<summary>
##	Role allowed access.
##	</summary>
## </param>
## <rolecap/>
#
interface(`ntop_admin',`
	gen_require(`
		type ntop_t;
		type ntop_etc_t;
		type ntop_initrc_exec_t;
		type ntop_tmp_t;
		type ntop_var_lib_t;
		type ntop_var_run_t;
	')

	# Process control over running ntop instances.
	# NOTE(review): ptrace lets the admin domain read and alter the
	# memory of ntop processes. signal_perms and getattr cover routine
	# service control, so confirm ptrace is wanted here or gate it
	# behind a boolean.
	allow $1 ntop_t:process { ptrace signal_perms getattr };

	# NOTE(review): ntop_t is a process type, so this file pattern
	# presumably exposes the /proc entries of ntop processes.
	# ps_process_pattern is the usual helper for that - confirm intent.
	read_files_pattern($1, ntop_t, ntop_t)

	# Configuration under /etc.
	files_search_etc($1)
	admin_pattern($1, ntop_etc_t)

	# State under /var/lib.
	files_list_var_lib($1)
	admin_pattern($1, ntop_var_lib_t)

	# Runtime files under the pid directory.
	files_search_pids($1)
	admin_pattern($1, ntop_var_run_t)

	# Temporary files.
	# NOTE(review): unlike the groups above there is no matching
	# files_search_tmp call, so reaching ntop_tmp_t content relies on
	# access the caller is granted elsewhere - confirm.
	admin_pattern($1, ntop_tmp_t)

	# Service start/stop: the admin may run the ntop init script, and
	# doing so from the given role switches to system_r.
	ntop_initrc_domtrans($1)
	domain_system_change_exemption($1)
	role_transition $2 ntop_initrc_exec_t system_r;
	allow $2 system_r;
')