selinux-policy/policy/modules/roles/dbadm.if

## <summary>Database administrator role</summary>

########################################
## <summary>
##	Change to the database administrator role.
## </summary>
## <param name="role">
##	<summary>
##	Role allowed access.
##	</summary>
## </param>
## <rolecap/>
#
interface(`dbadm_role_change',`
	gen_require(`
		role dbadm_r;
	')

	allow $1 dbadm_r;
')

########################################
## <summary>
##	Change from the database administrator role.
## </summary>
## <desc>
##	<p>
##	Change from the web administrator role to
##	the specified role.
##	</p>
##	<p>
##	This is an interface to support third party modules
##	and its use is not allowed in upstream reference
##	policy.
##	</p>
## </desc>
## <param name="role">
##	<summary>
##	Role allowed access.
##	</summary>
## </param>
## <rolecap/>
#
interface(`dbadm_role_change_to',`
	gen_require(`
		role dbadm_r;
	')

	allow dbadm_r $1;
')