## policy for ajaxterm
########################################
##
## Execute a domain transition to run ajaxterm.
##
##
##
## Domain allowed access.
##
##
#
interface(`ajaxterm_domtrans',`
gen_require(`
type ajaxterm_t, ajaxterm_exec_t;
')
domtrans_pattern($1, ajaxterm_exec_t, ajaxterm_t)
')
########################################
##
## Execute ajaxterm server in the ajaxterm domain.
##
##
##
## The type of the process performing this action.
##
##
#
interface(`ajaxterm_initrc_domtrans',`
gen_require(`
type ajaxterm_initrc_exec_t;
')
init_labeled_script_domtrans($1, ajaxterm_initrc_exec_t)
')
########################################
##
## All of the rules required to administrate
## an ajaxterm environment
##
##
##
## Domain allowed access.
##
##
##
##
## Role allowed access.
##
##
##
#
interface(`ajaxterm_admin',`
gen_require(`
type ajaxterm_t;
type ajaxterm_initrc_exec_t;
')
allow $1 ajaxterm_t:process { ptrace signal_perms };
ps_process_pattern($1, ajaxterm_t)
ajaxterm_initrc_domtrans($1)
domain_system_change_exemption($1)
role_transition $2 ajaxterm_initrc_exec_t system_r;
allow $2 system_r;
')