## <summary>Prelink ELF shared library mappings.</summary> ######################################## ## <summary> ## Execute the prelink program in the prelink domain. ## </summary> ## <param name="domain"> ## Domain allowed access. ## </param> # interface(`prelink_domtrans',` gen_require(` type prelink_t, prelink_exec_t; ') corecmd_search_sbin($1) domain_auto_trans($1, prelink_exec_t, prelink_t) allow $1 prelink_t:fd use; allow prelink_t $1:fd use; allow prelink_t $1:fifo_file rw_file_perms; allow prelink_t $1:process sigchld; ') ######################################## ## <summary> ## Make the specified file type prelinkable. ## </summary> ## <param name="file_type"> ## File type to be prelinked. ## </param> # # cjp: added for misc non-entrypoint objects interface(`prelink_object_file',` gen_require(` attribute prelink_object; ') typeattribute $1 prelink_object; ') ######################################## ## <summary> ## Read the prelink cache. ## </summary> ## <param name="file_type"> ## Domain allowed access. ## </param> # interface(`prelink_read_cache',` gen_require(` type prelink_cache_t; ') files_search_etc($1) allow $1 prelink_cache_t:file { getattr read }; ') ######################################## ## <summary> ## Delete the prelink cache. ## </summary> ## <param name="file_type"> ## Domain allowed access. ## </param> # interface(`prelink_delete_cache',` gen_require(` type prelink_cache_t; ') allow $1 prelink_cache_t:file unlink; ') ######################################## ## <summary> ## Create, read, write, and delete ## prelink log files. ## </summary> ## <param name="file_type"> ## Domain allowed access. ## </param> # interface(`prelink_manage_log',` gen_require(` type prelink_log_t; ') logging_search_logs($1) allow $1 prelink_log_t:dir rw_dir_perms; allow $1 prelink_log_t:file create_file_perms; ')