# # GNOME VFS daemon # # Author: Ivan Gyurdiev <ivg2@cornell.edu> # ####################################### # gnome_vfs_domain(role_prefix) # define(`gnome_vfs_domain', ` # Type for daemon type $1_gnome_vfs_t, domain, nscd_client_domain; # GNOME, dbus gnome_application($1_gnome_vfs, $1) dbusd_client(system, $1_gnome_vfs) allow $1_gnome_vfs_t system_dbusd_t:dbus send_msg; ifdef(`hald.te', ` allow $1_gnome_vfs_t hald_t:dbus send_msg; allow hald_t $1_gnome_vfs_t:dbus send_msg; ') # Transition from user type domain_auto_trans($1_t, gnome_vfs_exec_t, $1_gnome_vfs_t) role $1_r types $1_gnome_vfs_t; # Stat top level directories on mount_points (check free space?) allow $1_gnome_vfs_t { fs_type default_t boot_t home_root_t device_t }:dir getattr; # Search path to /home (??) allow $1_gnome_vfs_t home_root_t:dir search; allow $1_gnome_vfs_t $1_home_dir_t:dir search; # Search path to rpc_pipefs mount point (??) allow $1_gnome_vfs_t var_lib_nfs_t:dir search; allow $1_gnome_vfs_t var_lib_t:dir search; # Search libexec (??) allow $1_gnome_vfs_t bin_t:dir search; can_exec($1_gnome_vfs_t, bin_t) ') dnl gnome_vfs_domain ##################################### # gnome_vfs_client(prefix, role_prefix) # define(`gnome_vfs_client', ` # Connect over bonobo bonobo_connect($1, $2_gnome_vfs) ') dnl gnome_vfs_client