#DESC Chroot - Establish chroot environments
#
# Author: Russell Coker <russell@coker.com.au>
# X-Debian-Packages: 
#
type chroot_exec_t, file_type, sysadmfile, exec_type;

# For a chroot environment named potato that can be entered from user_t (so
# the user can run an old version of Debian in a chroot), with the possibility
# of user_devpts_t or user_tty_device_t being the controlling tty type for
# administration.  This also defines a mount_domain for the user (so they can
# mount file systems).
#chroot(user, potato)
# For a chroot environment named apache that can be entered from initrc_t for
# running a different version of apache.
# initrc is a special case, uses the system_r role (usually appends "_r" to
# the base name of the parent domain), and has sysadm_devpts_t and
# sysadm_tty_device_t for the controlling terminal
#chroot(initrc, apache)

# the main code is in macros/program/chroot_macros.te