policy_module(alsa,1.2.0)

########################################
#
# Declarations
#

type alsa_t;
type alsa_exec_t;
application_domain(alsa_t, alsa_exec_t)
role system_r types alsa_t;

type alsa_etc_rw_t;
files_type(alsa_etc_rw_t)

########################################
#
# Local policy
#

allow alsa_t self:capability { setgid setuid ipc_owner };
dontaudit alsa_t self:capability sys_admin;
allow alsa_t self:sem create_sem_perms;
allow alsa_t self:shm create_shm_perms;
allow alsa_t self:unix_stream_socket create_stream_socket_perms;
allow alsa_t self:unix_dgram_socket create_socket_perms;

manage_files_pattern(alsa_t,alsa_etc_rw_t,alsa_etc_rw_t)
manage_lnk_files_pattern(alsa_t,alsa_etc_rw_t,alsa_etc_rw_t)

files_read_etc_files(alsa_t)

term_use_generic_ptys(alsa_t)
term_dontaudit_use_unallocated_ttys(alsa_t)

libs_use_ld_so(alsa_t)
libs_use_shared_libs(alsa_t)

logging_send_syslog_msg(alsa_t)

miscfiles_read_localization(alsa_t)

userdom_manage_unpriv_user_semaphores(alsa_t)
userdom_manage_unpriv_user_shared_mem(alsa_t)

optional_policy(`
	nscd_socket_use(alsa_t)
')