selinux-policy/policy/modules/services/ifplugd.if

## <summary>Bring up/down ethernet interfaces based on cable detection.</summary>

########################################
## <summary>
##	Execute a domain transition to run ifplugd.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed to transition.
##	</summary>
## </param>
#
interface(`ifplugd_domtrans',`
	gen_require(`
		type ifplugd_t, ifplugd_exec_t;
	')

	domtrans_pattern($1, ifplugd_exec_t, ifplugd_t)
')

########################################
## <summary>
##	Send a generic signal to ifplugd
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`ifplugd_signal',`
	gen_require(`
		type ifplugd_t;
	')

	allow $1 ifplugd_t:process signal;
')

########################################
## <summary>
##	Read ifplugd etc configuration files.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`ifplugd_read_config',`
	gen_require(`
		type ifplugd_etc_t;
	')

	files_search_etc($1)
	read_files_pattern($1, ifplugd_etc_t, ifplugd_etc_t)
')

########################################
## <summary>
##	Manage ifplugd etc configuration files.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`ifplugd_manage_config',`
	gen_require(`
		type ifplugd_etc_t;
	')

	files_search_etc($1)
	manage_dirs_pattern($1, ifplugd_etc_t, ifplugd_etc_t)
	manage_files_pattern($1, ifplugd_etc_t, ifplugd_etc_t)
')

########################################
## <summary>
##	Read ifplugd PID files.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`ifplugd_read_pid_files',`
	gen_require(`
		type ifplugd_var_run_t;
	')

	files_search_pids($1)
	allow $1 ifplugd_var_run_t:file read_file_perms;
')

########################################
## <summary>
##	All of the rules required to administrate 
##	an ifplugd environment
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
## <param name="role">
##	<summary>
##	The role to be allowed to manage the ifplugd domain.
##	</summary>
## </param>
## <rolecap/>
#
interface(`ifplugd_admin',`
	gen_require(`
		type ifplugd_t, ifplugd_etc_t, ifplugd_var_run_t;
		type ifplugd_initrc_exec_t;
	')

	allow $1 ifplugd_t:process { ptrace signal_perms };
	ps_process_pattern($1, ifplugd_t)

	init_labeled_script_domtrans($1, ifplugd_initrc_exec_t)
	domain_system_change_exemption($1)
	role_transition $2 ifplugd_initrc_exec_t system_r;
	allow $2 system_r;

	files_list_etc($1)
	admin_pattern($1, ifplugd_etc_t)

	files_list_pids($1)
	admin_pattern($1, ifplugd_var_run_t)
')
trunk: 5 modules from dan. 2009-04-20 19:03:15 +00:00			`## <summary>Bring up/down ethernet interfaces based on cable detection.</summary>`

			`########################################`
			`## <summary>`
			`## Execute a domain transition to run ifplugd.`
			`## </summary>`
			`## <param name="domain">`
Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. 2010-09-20 09:48:51 +00:00			`## <summary>`
trunk: 5 modules from dan. 2009-04-20 19:03:15 +00:00			`## Domain allowed to transition.`
Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. 2010-09-20 09:48:51 +00:00			`## </summary>`
trunk: 5 modules from dan. 2009-04-20 19:03:15 +00:00			`## </param>`
			`#`
			interface(`ifplugd_domtrans',`
			gen_require(`
			`type ifplugd_t, ifplugd_exec_t;`
			`')`

			`domtrans_pattern($1, ifplugd_exec_t, ifplugd_t)`
			`')`

			`########################################`
			`## <summary>`
			`## Send a generic signal to ifplugd`
			`## </summary>`
			`## <param name="domain">`
			`## <summary>`
			`## Domain allowed access.`
			`## </summary>`
			`## </param>`
			`#`
			interface(`ifplugd_signal',`
			gen_require(`
			`type ifplugd_t;`
			`')`

			`allow $1 ifplugd_t:process signal;`
			`')`

			`########################################`
			`## <summary>`
			`## Read ifplugd etc configuration files.`
			`## </summary>`
			`## <param name="domain">`
			`## <summary>`
			`## Domain allowed access.`
			`## </summary>`
			`## </param>`
			`#`
			interface(`ifplugd_read_config',`
			gen_require(`
			`type ifplugd_etc_t;`
			`')`

			`files_search_etc($1)`
			`read_files_pattern($1, ifplugd_etc_t, ifplugd_etc_t)`
			`')`

			`########################################`
			`## <summary>`
			`## Manage ifplugd etc configuration files.`
			`## </summary>`
			`## <param name="domain">`
			`## <summary>`
			`## Domain allowed access.`
			`## </summary>`
			`## </param>`
			`#`
			interface(`ifplugd_manage_config',`
			gen_require(`
			`type ifplugd_etc_t;`
			`')`

			`files_search_etc($1)`
			`manage_dirs_pattern($1, ifplugd_etc_t, ifplugd_etc_t)`
			`manage_files_pattern($1, ifplugd_etc_t, ifplugd_etc_t)`
			`')`

			`########################################`
			`## <summary>`
			`## Read ifplugd PID files.`
			`## </summary>`
			`## <param name="domain">`
			`## <summary>`
			`## Domain allowed access.`
			`## </summary>`
			`## </param>`
			`#`
			interface(`ifplugd_read_pid_files',`
			gen_require(`
			`type ifplugd_var_run_t;`
			`')`

			`files_search_pids($1)`
			`allow $1 ifplugd_var_run_t:file read_file_perms;`
			`')`

			`########################################`
			`## <summary>`
			`## All of the rules required to administrate`
			`## an ifplugd environment`
			`## </summary>`
			`## <param name="domain">`
			`## <summary>`
			`## Domain allowed access.`
			`## </summary>`
			`## </param>`
			`## <param name="role">`
			`## <summary>`
			`## The role to be allowed to manage the ifplugd domain.`
			`## </summary>`
			`## </param>`
			`## <rolecap/>`
			`#`
			interface(`ifplugd_admin',`
			gen_require(`
Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Syntax error. Squash me with 959aa527a5394d23b994ecf75347d2445106d0c4 Replace type and attributes statements by comma delimiters where possible. Syntax error. Squach me with 779a708452142d6e4ac2ba2a158f724782a03291 Replace type and attributes statements by comma delimiters where possible. Syntax error. Squash me with 89180ea115794aadddaa9b356ab1dfcdc9ff102 2010-09-20 10:09:09 +00:00			`type ifplugd_t, ifplugd_etc_t, ifplugd_var_run_t;`
			`type ifplugd_initrc_exec_t;`
trunk: 5 modules from dan. 2009-04-20 19:03:15 +00:00			`')`

			`allow $1 ifplugd_t:process { ptrace signal_perms };`
			`ps_process_pattern($1, ifplugd_t)`

			`init_labeled_script_domtrans($1, ifplugd_initrc_exec_t)`
			`domain_system_change_exemption($1)`
			`role_transition $2 ifplugd_initrc_exec_t system_r;`
			`allow $2 system_r;`

			`files_list_etc($1)`
			`admin_pattern($1, ifplugd_etc_t)`

			`files_list_pids($1)`
			`admin_pattern($1, ifplugd_var_run_t)`
			`')`