1 files changed, 67 insertions, 0 deletions

diff --git a/policy/modules/contrib/inn.fc b/policy/modules/contrib/inn.fc
new file mode 100644
index 000000000..8ca038d76
--- /dev/null
+++ b/policy/modules/contrib/inn.fc
@@ -0,0 +1,67 @@
+
+#
+# /etc
+#
+/etc/news(/.*)?				gen_context(system_u:object_r:innd_etc_t,s0)
+/etc/news/boot		--		gen_context(system_u:object_r:innd_exec_t,s0)
+/etc/rc\.d/init\.d/innd	--		gen_context(system_u:object_r:innd_initrc_exec_t,s0)
+
+#
+# /usr
+#
+/usr/bin/inews		--		gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/bin/rnews		--		gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/bin/rpost		--		gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/bin/suck		--		gen_context(system_u:object_r:innd_exec_t,s0)
+
+/usr/sbin/in\.nnrpd	--		gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/sbin/innd.*	--		gen_context(system_u:object_r:innd_exec_t,s0)
+
+/var/lib/news(/.*)?			gen_context(system_u:object_r:innd_var_lib_t,s0)
+
+/usr/lib(64)?/news/bin/actsync	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/archive	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/batcher	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/buffchan	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/convdate	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/ctlinnd	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/cvtbatch	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/expire	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/expireover --	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/fastrm	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/filechan	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/getlist	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/grephistory --	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/inews	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/innconfval --	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/inndf	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/inndstart --	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/innfeed	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/innxbatch --	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/innxmit	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/makedbz	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/makehistory --	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/newsrequeue --	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/nnrpd	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/nntpget	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/ovdb_recover --	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/overchan	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/prunehistory --	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/rnews	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/shlock	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/shrinkfile --	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib(64)?/news/bin/startinnfeed --	gen_context(system_u:object_r:innd_exec_t,s0)
+
+# cjp: split these to fix an ordering
+# problem with a match in corecommands
+/usr/lib/news/bin/innd 		--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib/news/bin/sm		--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib64/news/bin/innd 	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib64/news/bin/sm		--	gen_context(system_u:object_r:innd_exec_t,s0)
+
+/var/log/news(/.*)?			gen_context(system_u:object_r:innd_log_t,s0)
+
+/var/run/innd(/.*)?			gen_context(system_u:object_r:innd_var_run_t,s0)
+/var/run/news(/.*)?	 		gen_context(system_u:object_r:innd_var_run_t,s0)
+
+/var/spool/news(/.*)?			gen_context(system_u:object_r:news_spool_t,s0)