1*2d543d20SAndroid Build Coastguard Worker<?xml version="1.0" encoding="UTF-8"?> 2*2d543d20SAndroid Build Coastguard Worker<!DOCTYPE policyconfig PUBLIC 3*2d543d20SAndroid Build Coastguard Worker"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" 4*2d543d20SAndroid Build Coastguard Worker"http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd"> 5*2d543d20SAndroid Build Coastguard Worker<policyconfig> 6*2d543d20SAndroid Build Coastguard Worker 7*2d543d20SAndroid Build Coastguard Worker <vendor>Red Hat Inc.</vendor> 8*2d543d20SAndroid Build Coastguard Worker <vendor_url>http://www.redhat.com</vendor_url> 9*2d543d20SAndroid Build Coastguard Worker 10*2d543d20SAndroid Build Coastguard Worker <action id="org.selinux.restorecon"> 11*2d543d20SAndroid Build Coastguard Worker <description>SELinux write access</description> 12*2d543d20SAndroid Build Coastguard Worker <message>System policy prevents restorecon access to SELinux</message> 13*2d543d20SAndroid Build Coastguard Worker <defaults> 14*2d543d20SAndroid Build Coastguard Worker <allow_any>no</allow_any> 15*2d543d20SAndroid Build Coastguard Worker <allow_inactive>no</allow_inactive> 16*2d543d20SAndroid Build Coastguard Worker <allow_active>auth_admin_keep</allow_active> 17*2d543d20SAndroid Build Coastguard Worker </defaults> 18*2d543d20SAndroid Build Coastguard Worker </action> 19*2d543d20SAndroid Build Coastguard Worker <action id="org.selinux.setenforce"> 20*2d543d20SAndroid Build Coastguard Worker <description>SELinux write access</description> 21*2d543d20SAndroid Build Coastguard Worker <message>System policy prevents setenforce access to SELinux</message> 22*2d543d20SAndroid Build Coastguard Worker <defaults> 23*2d543d20SAndroid Build Coastguard Worker <allow_any>no</allow_any> 24*2d543d20SAndroid Build Coastguard Worker <allow_inactive>no</allow_inactive> 25*2d543d20SAndroid Build Coastguard Worker <allow_active>auth_admin_keep</allow_active> 26*2d543d20SAndroid Build Coastguard Worker </defaults> 27*2d543d20SAndroid Build Coastguard Worker </action> 28*2d543d20SAndroid Build Coastguard Worker <action id="org.selinux.semanage"> 29*2d543d20SAndroid Build Coastguard Worker <description>SELinux write access</description> 30*2d543d20SAndroid Build Coastguard Worker <message>System policy prevents semanage access to SELinux</message> 31*2d543d20SAndroid Build Coastguard Worker <defaults> 32*2d543d20SAndroid Build Coastguard Worker <allow_any>no</allow_any> 33*2d543d20SAndroid Build Coastguard Worker <allow_inactive>no</allow_inactive> 34*2d543d20SAndroid Build Coastguard Worker <allow_active>auth_admin_keep</allow_active> 35*2d543d20SAndroid Build Coastguard Worker </defaults> 36*2d543d20SAndroid Build Coastguard Worker </action> 37*2d543d20SAndroid Build Coastguard Worker <action id="org.selinux.customized"> 38*2d543d20SAndroid Build Coastguard Worker <description>SELinux Read access</description> 39*2d543d20SAndroid Build Coastguard Worker <message>System policy prevents read access to SELinux</message> 40*2d543d20SAndroid Build Coastguard Worker <defaults> 41*2d543d20SAndroid Build Coastguard Worker <allow_any>no</allow_any> 42*2d543d20SAndroid Build Coastguard Worker <allow_inactive>no</allow_inactive> 43*2d543d20SAndroid Build Coastguard Worker <allow_active>auth_admin_keep</allow_active> 44*2d543d20SAndroid Build Coastguard Worker </defaults> 45*2d543d20SAndroid Build Coastguard Worker </action> 46*2d543d20SAndroid Build Coastguard Worker <action id="org.selinux.semodule_list"> 47*2d543d20SAndroid Build Coastguard Worker <description>SELinux list modules access</description> 48*2d543d20SAndroid Build Coastguard Worker <message>System policy prevents read access to SELinux modules</message> 49*2d543d20SAndroid Build Coastguard Worker <defaults> 50*2d543d20SAndroid Build Coastguard Worker <allow_any>no</allow_any> 51*2d543d20SAndroid Build Coastguard Worker <allow_inactive>no</allow_inactive> 52*2d543d20SAndroid Build Coastguard Worker <allow_active>auth_admin_keep</allow_active> 53*2d543d20SAndroid Build Coastguard Worker </defaults> 54*2d543d20SAndroid Build Coastguard Worker </action> 55*2d543d20SAndroid Build Coastguard Worker <action id="org.selinux.relabel_on_boot"> 56*2d543d20SAndroid Build Coastguard Worker <description>SELinux write access</description> 57*2d543d20SAndroid Build Coastguard Worker <message>System policy prevents relabel_on_boot access to SELinux</message> 58*2d543d20SAndroid Build Coastguard Worker <defaults> 59*2d543d20SAndroid Build Coastguard Worker <allow_any>no</allow_any> 60*2d543d20SAndroid Build Coastguard Worker <allow_inactive>no</allow_inactive> 61*2d543d20SAndroid Build Coastguard Worker <allow_active>auth_admin_keep</allow_active> 62*2d543d20SAndroid Build Coastguard Worker </defaults> 63*2d543d20SAndroid Build Coastguard Worker </action> 64*2d543d20SAndroid Build Coastguard Worker <action id="org.selinux.change_default_policy"> 65*2d543d20SAndroid Build Coastguard Worker <description>SELinux write access</description> 66*2d543d20SAndroid Build Coastguard Worker <message>System policy prevents change_default_policy access to SELinux</message> 67*2d543d20SAndroid Build Coastguard Worker <defaults> 68*2d543d20SAndroid Build Coastguard Worker <allow_any>no</allow_any> 69*2d543d20SAndroid Build Coastguard Worker <allow_inactive>no</allow_inactive> 70*2d543d20SAndroid Build Coastguard Worker <allow_active>auth_admin_keep</allow_active> 71*2d543d20SAndroid Build Coastguard Worker </defaults> 72*2d543d20SAndroid Build Coastguard Worker </action> 73*2d543d20SAndroid Build Coastguard Worker <action id="org.selinux.change_default_mode"> 74*2d543d20SAndroid Build Coastguard Worker <description>Change SELinux default enforcing mode</description> 75*2d543d20SAndroid Build Coastguard Worker <message>System policy prevents change_default_policy access to SELinux</message> 76*2d543d20SAndroid Build Coastguard Worker <defaults> 77*2d543d20SAndroid Build Coastguard Worker <allow_any>no</allow_any> 78*2d543d20SAndroid Build Coastguard Worker <allow_inactive>no</allow_inactive> 79*2d543d20SAndroid Build Coastguard Worker <allow_active>auth_admin_keep</allow_active> 80*2d543d20SAndroid Build Coastguard Worker </defaults> 81*2d543d20SAndroid Build Coastguard Worker </action> 82*2d543d20SAndroid Build Coastguard Worker</policyconfig> 83