2017-09-20 11:54:48 +00:00
|
|
|
type timekeep, domain;
|
2017-01-23 12:09:08 +00:00
|
|
|
type timekeep_exec, exec_type, file_type;
|
|
|
|
|
|
|
|
# Started by init
|
|
|
|
init_daemon_domain(timekeep)
|
|
|
|
|
|
|
|
allow timekeep self:capability {
|
|
|
|
fowner
|
|
|
|
fsetid
|
|
|
|
sys_time
|
|
|
|
dac_override
|
|
|
|
dac_read_search
|
|
|
|
};
|
|
|
|
|
|
|
|
allow timekeep time_data_file:file create_file_perms;
|
|
|
|
allow timekeep time_data_file:dir create_dir_perms;
|
|
|
|
|
|
|
|
set_prop(timekeep, timekeep_prop)
|