selinux-policy/policy/modules/services/mock.if

## <summary>policy for mock</summary>

########################################
## <summary>
##	Execute a domain transition to run mock.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed to transition.
##	</summary>
## </param>
#
interface(`mock_domtrans',`
	gen_require(`
		type mock_t, mock_exec_t;
	')

	domtrans_pattern($1, mock_exec_t, mock_t)
')

########################################
## <summary>
##	Search mock lib directories.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`mock_search_lib',`
	gen_require(`
		type mock_var_lib_t;
	')

	allow $1 mock_var_lib_t:dir search_dir_perms;
	files_search_var_lib($1)
')

########################################
## <summary>
##	Read mock lib files.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`mock_read_lib_files',`
	gen_require(`
		type mock_var_lib_t;
	')

	files_search_var_lib($1)
	read_files_pattern($1, mock_var_lib_t, mock_var_lib_t)
')

########################################
## <summary>
##	Create, read, write, and delete
##	mock lib files.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`mock_manage_lib_files',`
	gen_require(`
		type mock_var_lib_t;
	')

	files_search_var_lib($1)
	manage_files_pattern($1, mock_var_lib_t, mock_var_lib_t)
')

########################################
## <summary>
##	Manage mock lib dirs files.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`mock_manage_lib_dirs',`
	gen_require(`
		type mock_var_lib_t;
	')

	files_search_var_lib($1)
	manage_dirs_pattern($1, mock_var_lib_t, mock_var_lib_t)
')

#########################################
## <summary>
##	Manage mock lib symlinks.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`mock_manage_lib_symlinks',`
	gen_require(`
		type mock_var_lib_t;
	')

	files_search_var_lib($1)
	manage_lnk_files_pattern($1, mock_var_lib_t, mock_var_lib_t)
')

########################################
## <summary>
##	Manage mock lib files.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`mock_manage_lib_chr_files',`
	gen_require(`
		type mock_var_lib_t;
	')

	files_search_var_lib($1)
	manage_chr_files_pattern($1, mock_var_lib_t, mock_var_lib_t)
')

########################################
## <summary>
##	Execute mock in the mock domain, and
##	allow the specified role the mock domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access
##	</summary>
## </param>
## <param name="role">
##	<summary>
##	The role to be allowed the mock domain.
##	</summary>
## </param>
#
interface(`mock_run',`
	gen_require(`
		type mock_t;
	')

	mock_domtrans($1)
	role $2 types mock_t;
')

########################################
## <summary>
##	Role access for mock
## </summary>
## <param name="role">
##	<summary>
##	Role allowed access
##	</summary>
## </param>
## <param name="domain">
##	<summary>
##	User domain for the role
##	</summary>
## </param>
#
interface(`mock_role',`
	gen_require(`
		type mock_t;
	')

	role $1 types mock_t;

	mock_domtrans($2)

	ps_process_pattern($2, mock_t)
	allow $2 mock_t:process { ptrace signal_perms };
')

#######################################
## <summary>
##	Send a generic signal to mock.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`mock_signal',`
	gen_require(`
		type mock_t;
	')

	allow $1 mock_t:process signal;
')

########################################
## <summary>
##	All of the rules required to administrate 
##	an mock environment
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
## <param name="role">
##	<summary>
##	Role allowed access.
##	</summary>
## </param>
## <rolecap/>
#
interface(`mock_admin',`
	gen_require(`
		type mock_t, mock_var_lib_t;
	')

	allow $1 mock_t:process { ptrace signal_perms };
	ps_process_pattern($1, mock_t)

	files_search_var_lib($1)
	admin_pattern($1, mock_var_lib_t)
')
UPdate for f14 policy 2010-08-26 13:41:21 +00:00			`## <summary>policy for mock</summary>`

			`########################################`
			`## <summary>`
			`## Execute a domain transition to run mock.`
			`## </summary>`
			`## <param name="domain">`
Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. 2010-09-20 09:48:51 +00:00			`## <summary>`
UPdate for f14 policy 2010-08-26 13:41:21 +00:00			`## Domain allowed to transition.`
Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. 2010-09-20 09:48:51 +00:00			`## </summary>`
UPdate for f14 policy 2010-08-26 13:41:21 +00:00			`## </param>`
			`#`
			interface(`mock_domtrans',`
			gen_require(`
			`type mock_t, mock_exec_t;`
			`')`

			`domtrans_pattern($1, mock_exec_t, mock_t)`
			`')`

			`########################################`
			`## <summary>`
			`## Search mock lib directories.`
			`## </summary>`
			`## <param name="domain">`
			`## <summary>`
			`## Domain allowed access.`
			`## </summary>`
			`## </param>`
			`#`
			interface(`mock_search_lib',`
			gen_require(`
			`type mock_var_lib_t;`
			`')`

			`allow $1 mock_var_lib_t:dir search_dir_perms;`
			`files_search_var_lib($1)`
			`')`

			`########################################`
			`## <summary>`
			`## Read mock lib files.`
			`## </summary>`
			`## <param name="domain">`
			`## <summary>`
			`## Domain allowed access.`
			`## </summary>`
			`## </param>`
			`#`
			interface(`mock_read_lib_files',`
			gen_require(`
			`type mock_var_lib_t;`
			`')`

			`files_search_var_lib($1)`
Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. 2010-09-20 09:48:51 +00:00			`read_files_pattern($1, mock_var_lib_t, mock_var_lib_t)`
UPdate for f14 policy 2010-08-26 13:41:21 +00:00			`')`

			`########################################`
			`## <summary>`
			`## Create, read, write, and delete`
			`## mock lib files.`
			`## </summary>`
			`## <param name="domain">`
			`## <summary>`
			`## Domain allowed access.`
			`## </summary>`
			`## </param>`
			`#`
			interface(`mock_manage_lib_files',`
			gen_require(`
			`type mock_var_lib_t;`
			`')`

			`files_search_var_lib($1)`
Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. 2010-09-20 09:48:51 +00:00			`manage_files_pattern($1, mock_var_lib_t, mock_var_lib_t)`
UPdate for f14 policy 2010-08-26 13:41:21 +00:00			`')`

			`########################################`
			`## <summary>`
			`## Manage mock lib dirs files.`
			`## </summary>`
			`## <param name="domain">`
			`## <summary>`
			`## Domain allowed access.`
			`## </summary>`
			`## </param>`
			`#`
			interface(`mock_manage_lib_dirs',`
			gen_require(`
			`type mock_var_lib_t;`
			`')`

			`files_search_var_lib($1)`
Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. 2010-09-20 09:48:51 +00:00			`manage_dirs_pattern($1, mock_var_lib_t, mock_var_lib_t)`
UPdate for f14 policy 2010-08-26 13:41:21 +00:00			`')`

			`#########################################`
			`## <summary>`
			`## Manage mock lib symlinks.`
			`## </summary>`
			`## <param name="domain">`
			`## <summary>`
			`## Domain allowed access.`
			`## </summary>`
			`## </param>`
			`#`
			interface(`mock_manage_lib_symlinks',`
			gen_require(`
			`type mock_var_lib_t;`
			`')`

			`files_search_var_lib($1)`
Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. 2010-09-20 09:48:51 +00:00			`manage_lnk_files_pattern($1, mock_var_lib_t, mock_var_lib_t)`
UPdate for f14 policy 2010-08-26 13:41:21 +00:00			`')`

			`########################################`
			`## <summary>`
			`## Manage mock lib files.`
			`## </summary>`
			`## <param name="domain">`
			`## <summary>`
			`## Domain allowed access.`
			`## </summary>`
			`## </param>`
			`#`
			interface(`mock_manage_lib_chr_files',`
			gen_require(`
			`type mock_var_lib_t;`
			`')`

			`files_search_var_lib($1)`
Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. 2010-09-20 09:48:51 +00:00			`manage_chr_files_pattern($1, mock_var_lib_t, mock_var_lib_t)`
UPdate for f14 policy 2010-08-26 13:41:21 +00:00			`')`

			`########################################`
			`## <summary>`
			`## Execute mock in the mock domain, and`
			`## allow the specified role the mock domain.`
			`## </summary>`
			`## <param name="domain">`
			`## <summary>`
			`## Domain allowed access`
			`## </summary>`
			`## </param>`
			`## <param name="role">`
			`## <summary>`
			`## The role to be allowed the mock domain.`
			`## </summary>`
			`## </param>`
			`#`
			interface(`mock_run',`
			gen_require(`
			`type mock_t;`
			`')`

			`mock_domtrans($1)`
			`role $2 types mock_t;`
			`')`

			`########################################`
			`## <summary>`
			`## Role access for mock`
			`## </summary>`
			`## <param name="role">`
			`## <summary>`
			`## Role allowed access`
			`## </summary>`
			`## </param>`
			`## <param name="domain">`
			`## <summary>`
			`## User domain for the role`
			`## </summary>`
			`## </param>`
			`#`
			interface(`mock_role',`
			gen_require(`
Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. 2010-09-20 09:48:51 +00:00			`type mock_t;`
UPdate for f14 policy 2010-08-26 13:41:21 +00:00			`')`

			`role $1 types mock_t;`

			`mock_domtrans($2)`

			`ps_process_pattern($2, mock_t)`
Allow users to ptrace and send any signal to their lpd agent. Allow users to ptrace and send any signal to their mock agent. 2010-09-20 10:48:26 +00:00			`allow $2 mock_t:process { ptrace signal_perms };`
UPdate for f14 policy 2010-08-26 13:41:21 +00:00			`')`

			`#######################################`
			`## <summary>`
			`## Send a generic signal to mock.`
			`## </summary>`
			`## <param name="domain">`
			`## <summary>`
			`## Domain allowed access.`
			`## </summary>`
			`## </param>`
			`#`
			interface(`mock_signal',`
			gen_require(`
			`type mock_t;`
			`')`

			`allow $1 mock_t:process signal;`
			`')`

			`########################################`
			`## <summary>`
			`## All of the rules required to administrate`
			`## an mock environment`
			`## </summary>`
			`## <param name="domain">`
			`## <summary>`
			`## Domain allowed access.`
			`## </summary>`
			`## </param>`
			`## <param name="role">`
			`## <summary>`
			`## Role allowed access.`
			`## </summary>`
			`## </param>`
			`## <rolecap/>`
			`#`
			interface(`mock_admin',`
			gen_require(`
Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Syntax error. Squash me with 959aa527a5394d23b994ecf75347d2445106d0c4 Replace type and attributes statements by comma delimiters where possible. Syntax error. Squach me with 779a708452142d6e4ac2ba2a158f724782a03291 Replace type and attributes statements by comma delimiters where possible. Syntax error. Squash me with 89180ea115794aadddaa9b356ab1dfcdc9ff102 2010-09-20 10:09:09 +00:00			`type mock_t, mock_var_lib_t;`
UPdate for f14 policy 2010-08-26 13:41:21 +00:00			`')`

			`allow $1 mock_t:process { ptrace signal_perms };`
			`ps_process_pattern($1, mock_t)`

			`files_search_var_lib($1)`
			`admin_pattern($1, mock_var_lib_t)`
			`')`