From d0b6abebb938c92e6cd636d6fd8d1f5b5f37b5a1 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Mon, 2 May 2005 18:40:05 +0000
Subject: [PATCH] add in use and ignore use init control channel interfaces

---
 refpolicy/policy/modules/system/init.if | 29 +++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/refpolicy/policy/modules/system/init.if b/refpolicy/policy/modules/system/init.if
index 8b2e2f23..60a3bea9 100644
--- a/refpolicy/policy/modules/system/init.if
+++ b/refpolicy/policy/modules/system/init.if
@@ -32,6 +32,35 @@ type initctl_t;
 class fifo_file getattr;
 ')
 
+########################################
+#
+# init_use_control_channel(domain)
+#
+define(`init_use_control_channel',`
+requires_block_template(init_use_control_channel_depend)
+allow $1 initctl_t:fifo_file { getattr read write };
+devices_list_device_nodes($1)
+')
+
+define(`init_use_control_channel_depend',`
+type initctl_t;
+class fifo_file { getattr read write };
+')
+
+########################################
+#
+# init_ignore_use_control_channel(domain)
+#
+define(`init_ignore_use_control_channel',`
+requires_block_template(init_ignore_use_control_channel_depend)
+dontaudit $1 initctl_t:fifo_file { read write };
+')
+
+define(`init_ignore_use_control_channel_depend',`
+type initctl_t;
+class fifo_file { read write };
+')
+
 ########################################
 #
 # init_sigchld(domain,[`optional'])