add modemmanager from dan.

Changelog

@@ -13,6 +13,7 @@
 	gitosis (Miroslav Grepl)
 	hddtemp (Dan Walsh)
 	kdump (Dan Walsh)
+	modemmanager(Dan Walsh)
 	nslcd (Dan Walsh)
 	shorewall (Dan Walsh)
 

policy/modules/services/modemmanager.fc

@@ -0,0 +1 @@
+/usr/sbin/modem-manager	--	gen_context(system_u:object_r:modemmanager_exec_t,s0)

policy/modules/services/modemmanager.if

@@ -0,0 +1,40 @@
+## <summary>Provides a DBus interface to communicate with mobile broadband (GSM, CDMA, UMTS, ...) cards.</summary>
+
+########################################
+## <summary>
+##	Execute a domain transition to run modemmanager.
+## </summary>
+## <param name="domain">
+## <summary>
+##	Domain allowed to transition.
+## </summary>
+## </param>
+#
+interface(`modemmanager_domtrans',`
+	gen_require(`
+		type modemmanager_t, modemmanager_exec_t;
+	')
+
+	domtrans_pattern($1, modemmanager_exec_t, modemmanager_t)
+')
+
+########################################
+## <summary>
+##	Send and receive messages from
+##	modemmanager over dbus.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`modemmanager_dbus_chat',`
+	gen_require(`
+		type modemmanager_t;
+		class dbus send_msg;
+	')
+
+	allow $1 modemmanager_t:dbus send_msg;
+	allow modemmanager_t $1:dbus send_msg;
+')

policy/modules/services/modemmanager.te

@@ -0,0 +1,40 @@
+
+policy_module(modemmanager, 1.0.0)
+
+########################################
+#
+# Declarations
+#
+
+type modemmanager_t;
+type modemmanager_exec_t;
+dbus_system_domain(modemmanager_t, modemmanager_exec_t)
+typealias modemmanager_t alias ModemManager_t;
+typealias modemmanager_exec_t alias ModemManager_exec_t;
+
+########################################
+#
+# ModemManager local policy
+#
+
+allow modemmanager_t self:fifo_file rw_file_perms;
+allow modemmanager_t self:unix_stream_socket create_stream_socket_perms;
+allow modemmanager_t self:netlink_kobject_uevent_socket create_socket_perms;
+
+kernel_read_system_state(modemmanager_t)
+
+dev_read_sysfs(modemmanager_t)
+
+files_read_etc_files(modemmanager_t)
+
+term_use_unallocated_ttys(modemmanager_t)
+
+miscfiles_read_localization(modemmanager_t)
+
+logging_send_syslog_msg(modemmanager_t)
+
+networkmanager_dbus_chat(modemmanager_t)
+
+optional_policy(`
+	udev_read_db(modemmanager_t)
+')