## Manager for dynamically switching between networks. ######################################## ## ## Read and write NetworkManager UDP sockets. ## ## ## ## Domain allowed access. ## ## # # cjp: added for named. interface(`networkmanager_rw_udp_sockets',` gen_require(` type NetworkManager_t; ') allow $1 NetworkManager_t:udp_socket { read write }; ') ######################################## ## ## Read and write NetworkManager packet sockets. ## ## ## ## Domain allowed access. ## ## # # cjp: added for named. interface(`networkmanager_rw_packet_sockets',` gen_require(` type NetworkManager_t; ') allow $1 NetworkManager_t:packet_socket { read write }; ') ######################################## ## ## Read and write NetworkManager netlink ## routing sockets. ## ## ## ## Domain allowed access. ## ## # # cjp: added for named. interface(`networkmanager_rw_routing_sockets',` gen_require(` type NetworkManager_t; ') allow $1 NetworkManager_t:netlink_route_socket { read write }; ') ######################################## ## ## Execute NetworkManager with a domain transition. ## ## ## ## Domain allowed access. ## ## # interface(`networkmanager_domtrans',` gen_require(` type NetworkManager_t, NetworkManager_exec_t; ') corecmd_search_bin($1) domtrans_pattern($1, NetworkManager_exec_t, NetworkManager_t) ') ######################################## ## ## Send and receive messages from ## NetworkManager over dbus. ## ## ## ## Domain allowed access. ## ## # interface(`networkmanager_dbus_chat',` gen_require(` type NetworkManager_t; class dbus send_msg; ') allow $1 NetworkManager_t:dbus send_msg; allow NetworkManager_t $1:dbus send_msg; ')