author | John Turner <jturner.usa@gmail.com> | 2025-08-26 02:03:35 -0400 |
---|---|---|
committer | John Turner <jturner.usa@gmail.com> | 2025-08-26 02:07:41 -0400 |
commit | 52a2cae0b3583d4148cbc183f6ce551f94ae3676 (patch) | |
tree | 60389f6ef604945e337ee890ccf10c493ab9e2a0 /blog/access-control/xdgfile.cil | |
parent | daa0086eff780285f273cc4af527a091133eef72 (diff) | |
download | website-52a2cae0b3583d4148cbc183f6ce551f94ae3676.tar.gz |
create blog post about access control methods
Diffstat (limited to 'blog/access-control/xdgfile.cil')
-rw-r--r-- | blog/access-control/xdgfile.cil | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/blog/access-control/xdgfile.cil b/blog/access-control/xdgfile.cil
new file mode 100644
index 0000000..67f5e31
--- /dev/null
+++ b/blog/access-control/xdgfile.cil
@@ -0,0 +1,47 @@
+;; create out xdg namespace
+(block xdg
+ ;; we will create a subnamespace for each xdg file type (e.g config, cache, share, state)
+ (block config
+ ;; this next block isn't technically required but it shows that we are a subtype of .file.home
+ (block home
+ ;; create a macro to allow type transitions for files in our context
+ (macro file_type_transition_file ((type ARG1) (class ARG2) (name ARG3))
+ (call .home.file_type_transition_file (ARG1 file ARG2 ARG3)))
+
+ ;; inherit the template which defines some types for us and also provides some macros
+ (blockinherit .file.home.template)
+
+ ;; define a context for the ~/.cache directory itself
+ ;; hint: HOME_DIR is one of the few variables that can be interpolated into strings
+ (filecon "HOME_DIR/\.config" dir file_context)
+ (filecon "HOME_DIR/\.config/.*" file file_context)))
+
+ (block cache
+ (block home
+ (macro file_type_transition_file ((type ARG1) (class ARG2) (name ARG3))
+ (call .home.file_type_transition_file (ARG1 file ARG2 ARG3)))
+
+ (blockinherit .file.home.template)
+
+ (filecon "HOME_DIR/\.cache" dir file_context)
+ (filecon "HOME_DIR/\.cache/.*" file file_context)))
+
+ (block share
+ (block home
+ (macro file_type_transition_file ((type ARG1) (class ARG2) (name ARG3))
+ (call .home.file_type_transition_file (ARG1 file ARG2 ARG3)))
+
+ (blockinherit .file.home.template)
+
+ (filecon "HOME_DIR/\.local/share" dir file_context)
+ (filecon "HOME_DIR/\.local/share/.*" file file_context)))
+
+ (block state
+ (block home
+ (macro file_type_transition_file ((type ARG1) (class ARG2) (name ARG3))
+ (call .home.file_type_transition_file (ARG1 file ARG2 ARG3)))
+
+ (blockinherit .file.home.template)
+
+ (filecon "HOME_DIR/\.local/state" dir file_context)
+ (filecon "HOME_DIR/\.local/state/.*" file file_context)))) |
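Review bot: The second `filecon` in each of the four blocks (`config`, `cache`, `share`, `state`) uses class `file`, so a relabel gives `file_context` only to regular files below the directory; subdirectories, symlinks and sockets under e.g. `~/.config` match neither that entry nor the `dir` entry, which covers the top-level directory path alone. Unless `.file.home.template` or another module supplies entries for those classes (not visible in this hunk), such objects would presumably fall back to a broader home-directory rule, and access rules written against the XDG types would not apply to them after a restorecon. One entry per block such as `(filecon "HOME_DIR/\.config(/.*)?" any file_context)` would cover the directory and everything beneath it. Separately, the comment above the `config` entries names `~/.cache` although the paths are `.config`, and the opening comment reads `create out xdg namespace`; suggest `;; define a context for ~/.config and everything in it` and `;; create our xdg namespace`.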