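## <summary>Pulseaudio network sound server.</summary>

########################################
## <summary>
##	Role access for pulseaudio
## </summary>
## <param name="role">
##	<summary>
##	Role allowed access
##	</summary>
## </param>
## <param name="domain">
##	<summary>
##	User domain for the role
##	</summary>
## </param>
#
interface(`pulseaudio_role',`
	# print_spool_t used to be required here although no rule in this
	# interface refers to it. It is dropped so that callers do not
	# depend on the module declaring that type.
	gen_require(`
		type pulseaudio_t, pulseaudio_exec_t;
		class dbus send_msg;
	')

	role $1 types pulseaudio_t;

	# Transition from the user domain to the derived domain.
	domtrans_pattern($2, pulseaudio_exec_t, pulseaudio_t)

	# ps_process_pattern and signal/signull are granted in both
	# directions between the user domain and pulseaudio_t.
	ps_process_pattern($2, pulseaudio_t)
	ps_process_pattern(pulseaudio_t, $2)
	allow pulseaudio_t $2:process { signal signull };
	allow $2 pulseaudio_t:process { signal signull };

	# Either side may connect to the unix stream sockets of the other.
	allow pulseaudio_t $2:unix_stream_socket connectto;
	allow $2 pulseaudio_t:unix_stream_socket connectto;

	# NOTE(review): these userdomain templates are defined outside this
	# file. They presumably let pulseaudio_t manage the home, tmp and
	# tmpfs content of the role - confirm that breadth is intended.
	userdom_manage_home_role($1, pulseaudio_t)
	userdom_manage_tmp_role($1, pulseaudio_t)
	userdom_manage_tmpfs_role($1, pulseaudio_t)

	# D-Bus messages are allowed in both directions.
	allow $2 pulseaudio_t:dbus send_msg;
	allow pulseaudio_t $2:dbus send_msg;
')

########################################
## <summary>
##	Execute a domain transition to run pulseaudio.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed to transition.
##	</summary>
## </param>
#
interface(`pulseaudio_domtrans',`
	gen_require(`
		type pulseaudio_t, pulseaudio_exec_t;
	')

	# Executing a pulseaudio_exec_t file moves the caller into pulseaudio_t.
	domtrans_pattern($1, pulseaudio_exec_t, pulseaudio_t)
')

########################################
## <summary>
##	Execute pulseaudio in the pulseaudio domain, and
##	allow the specified role the pulseaudio domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
## <param name="role">
##	<summary>
##	The role to be allowed the pulseaudio domain.
##	</summary>
## </param>
#
interface(`pulseaudio_run',`
	gen_require(`
		type pulseaudio_t;
	')

	# The transition alone is not enough: the role must also be
	# authorized for pulseaudio_t.
	pulseaudio_domtrans($1)
	role $2 types pulseaudio_t;
')

########################################
## <summary>
##	Execute pulseaudio in the caller domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`pulseaudio_exec',`
	gen_require(`
		type pulseaudio_exec_t;
	')

	# No domain transition here: the binary runs with the permissions
	# of the calling domain.
	can_exec($1, pulseaudio_exec_t)
')

########################################
## <summary>
##	Send and receive messages from
##	pulseaudio over dbus.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`pulseaudio_dbus_chat',`
	gen_require(`
		type pulseaudio_t;
		class dbus send_msg;
	')

	# send_msg is granted in both directions.
	allow $1 pulseaudio_t:dbus send_msg;
	allow pulseaudio_t $1:dbus send_msg;
')

########################################
## <summary>
##	Connect to pulseaudio over a unix stream socket.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`pulseaudio_stream_connect',`
	gen_require(`
		type pulseaudio_t;
	')

	# One-way access: the caller may signull pulseaudio_t and connect
	# to its stream sockets. Nothing is granted to pulseaudio_t here.
	allow $1 pulseaudio_t:process signull;
	allow $1 pulseaudio_t:unix_stream_socket connectto;
')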