add modemmanager from dan.
This commit is contained in:
Chris PeBenito
parent
e3a90e358a
commit
c141d835f1
@ -13,6 +13,7 @@
|
|||||||
gitosis (Miroslav Grepl)
|
gitosis (Miroslav Grepl)
|
||||||
hddtemp (Dan Walsh)
|
hddtemp (Dan Walsh)
|
||||||
kdump (Dan Walsh)
|
kdump (Dan Walsh)
|
||||||
|
modemmanager(Dan Walsh)
|
||||||
nslcd (Dan Walsh)
|
nslcd (Dan Walsh)
|
||||||
shorewall (Dan Walsh)
|
shorewall (Dan Walsh)
|
||||||
|
|
||||||
|
|||||||
1
policy/modules/services/modemmanager.fc
Normal file
1
policy/modules/services/modemmanager.fc
Normal file
@ -0,0 +1 @@
|
|||||||
|
/usr/sbin/modem-manager -- gen_context(system_u:object_r:modemmanager_exec_t,s0)
|
||||||
40
policy/modules/services/modemmanager.if
Normal file
40
policy/modules/services/modemmanager.if
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
## <summary>Provides a DBus interface to communicate with mobile broadband (GSM, CDMA, UMTS, ...) cards.</summary>
|
||||||
|
|
||||||
|
########################################
|
||||||
|
## <summary>
|
||||||
|
## Execute a domain transition to run modemmanager.
|
||||||
|
## </summary>
|
||||||
|
## <param name="domain">
|
||||||
|
## <summary>
|
||||||
|
## Domain allowed to transition.
|
||||||
|
## </summary>
|
||||||
|
## </param>
|
||||||
|
#
|
||||||
|
interface(`modemmanager_domtrans',`
|
||||||
|
gen_require(`
|
||||||
|
type modemmanager_t, modemmanager_exec_t;
|
||||||
|
')
|
||||||
|
|
||||||
|
domtrans_pattern($1, modemmanager_exec_t, modemmanager_t)
|
||||||
|
')
|
||||||
|
|
||||||
|
########################################
|
||||||
|
## <summary>
|
||||||
|
## Send and receive messages from
|
||||||
|
## modemmanager over dbus.
|
||||||
|
## </summary>
|
||||||
|
## <param name="domain">
|
||||||
|
## <summary>
|
||||||
|
## Domain allowed access.
|
||||||
|
## </summary>
|
||||||
|
## </param>
|
||||||
|
#
|
||||||
|
interface(`modemmanager_dbus_chat',`
|
||||||
|
gen_require(`
|
||||||
|
type modemmanager_t;
|
||||||
|
class dbus send_msg;
|
||||||
|
')
|
||||||
|
|
||||||
|
allow $1 modemmanager_t:dbus send_msg;
|
||||||
|
allow modemmanager_t $1:dbus send_msg;
|
||||||
|
')
|
||||||
40
policy/modules/services/modemmanager.te
Normal file
40
policy/modules/services/modemmanager.te
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
|
||||||
|
policy_module(modemmanager, 1.0.0)
|
||||||
|
|
||||||
|
########################################
|
||||||
|
#
|
||||||
|
# Declarations
|
||||||
|
#
|
||||||
|
|
||||||
|
type modemmanager_t;
|
||||||
|
type modemmanager_exec_t;
|
||||||
|
dbus_system_domain(modemmanager_t, modemmanager_exec_t)
|
||||||
|
typealias modemmanager_t alias ModemManager_t;
|
||||||
|
typealias modemmanager_exec_t alias ModemManager_exec_t;
|
||||||
|
|
||||||
|
########################################
|
||||||
|
#
|
||||||
|
# ModemManager local policy
|
||||||
|
#
|
||||||
|
|
||||||
|
allow modemmanager_t self:fifo_file rw_file_perms;
|
||||||
|
allow modemmanager_t self:unix_stream_socket create_stream_socket_perms;
|
||||||
|
allow modemmanager_t self:netlink_kobject_uevent_socket create_socket_perms;
|
||||||
|
|
||||||
|
kernel_read_system_state(modemmanager_t)
|
||||||
|
|
||||||
|
dev_read_sysfs(modemmanager_t)
|
||||||
|
|
||||||
|
files_read_etc_files(modemmanager_t)
|
||||||
|
|
||||||
|
term_use_unallocated_ttys(modemmanager_t)
|
||||||
|
|
||||||
|
miscfiles_read_localization(modemmanager_t)
|
||||||
|
|
||||||
|
logging_send_syslog_msg(modemmanager_t)
|
||||||
|
|
||||||
|
networkmanager_dbus_chat(modemmanager_t)
|
||||||
|
|
||||||
|
optional_policy(`
|
||||||
|
udev_read_db(modemmanager_t)
|
||||||
|
')
|
||||||
Loading…
Reference in New Issue
Block a user