selinux-policy/policy/modules/services/soundserver.if

## <summary>sound server for network audio server programs, nasd, yiff, etc</summary>

########################################
## <summary>
##	Connect to the sound server over a TCP socket  (Deprecated)
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`soundserver_tcp_connect',`
	refpolicywarn(`$0($*) has been deprecated.')
')

########################################
## <summary>
##	All of the rules required to administrate 
##	an soundd environment
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
## <param name="role">
##	<summary>
##	The role to be allowed to manage the soundd domain.
##	</summary>
## </param>
## <rolecap/>
#
interface(`soundserver_admin',`
	gen_require(`
		type soundd_t, soundd_etc_t, soundd_initrc_exec_t;
		type soundd_tmp_t, soundd_var_run_t;
	')

	allow $1 soundd_t:process { ptrace signal_perms };
	ps_process_pattern($1, soundd_t)

	init_labeled_script_domtrans($1, soundd_initrc_exec_t)
	domain_system_change_exemption($1)
	role_transition $2 soundd_initrc_exec_t system_r;
	allow $2 system_r;

	files_list_etc($1)
	admin_pattern($1, soundd_etc_t)

	files_list_tmp($1)
	admin_pattern($1, soundd_tmp_t)

	files_list_pids($1)
	admin_pattern($1, soundd_var_run_t)
')
add soundserver, bug 1547 2006-04-25 15:13:59 +00:00			`## <summary>sound server for network audio server programs, nasd, yiff, etc</summary>`

			`########################################`
			`## <summary>`
remove dead selopt rules 2006-08-15 20:00:58 +00:00			`## Connect to the sound server over a TCP socket (Deprecated)`
add soundserver, bug 1547 2006-04-25 15:13:59 +00:00			`## </summary>`
			`## <param name="domain">`
			`## <summary>`
			`## Domain allowed access.`
			`## </summary>`
			`## </param>`
			`#`
			interface(`soundserver_tcp_connect',`
remove dead selopt rules 2006-08-15 20:00:58 +00:00			refpolicywarn(`$0($*) has been deprecated.')
add soundserver, bug 1547 2006-04-25 15:13:59 +00:00			`')`
trunk: 21 patches from dan. 2008-10-08 15:50:03 +00:00
			`########################################`
			`## <summary>`
			`## All of the rules required to administrate`
			`## an soundd environment`
			`## </summary>`
			`## <param name="domain">`
			`## <summary>`
			`## Domain allowed access.`
			`## </summary>`
			`## </param>`
			`## <param name="role">`
			`## <summary>`
			`## The role to be allowed to manage the soundd domain.`
			`## </summary>`
			`## </param>`
			`## <rolecap/>`
			`#`
			interface(`soundserver_admin',`
			gen_require(`
Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. Replace type and attributes statements by comma delimiters where possible. 2010-09-20 17:44:58 +00:00			`type soundd_t, soundd_etc_t, soundd_initrc_exec_t;`
trunk: 21 patches from dan. 2008-10-08 15:50:03 +00:00			`type soundd_tmp_t, soundd_var_run_t;`
			`')`

			`allow $1 soundd_t:process { ptrace signal_perms };`
			`ps_process_pattern($1, soundd_t)`

			`init_labeled_script_domtrans($1, soundd_initrc_exec_t)`
			`domain_system_change_exemption($1)`
			`role_transition $2 soundd_initrc_exec_t system_r;`
			`allow $2 system_r;`

			`files_list_etc($1)`
			`admin_pattern($1, soundd_etc_t)`

			`files_list_tmp($1)`
			`admin_pattern($1, soundd_tmp_t)`

			`files_list_pids($1)`
			`admin_pattern($1, soundd_var_run_t)`
			`')`