## Prelink ELF shared library mappings.
########################################
##
## Execute the prelink program in the prelink domain.
##
##
##
## Domain allowed access.
##
##
#
interface(`prelink_domtrans',`
gen_require(`
type prelink_t, prelink_exec_t;
')
corecmd_search_bin($1)
domtrans_pattern($1, prelink_exec_t, prelink_t)
')
########################################
##
## Execute the prelink program in the prelink domain.
##
##
##
## Domain allowed access.
##
##
##
##
## The role to allow the prelink domain.
##
##
##
##
## The type of the terminal allow the prelink domain to use.
##
##
##
#
interface(`prelink_run',`
gen_require(`
type prelink_t;
')
prelink_domtrans($1)
role $2 types prelink_t;
allow prelink_t $3:chr_file rw_term_perms;
')
########################################
##
## Make the specified file type prelinkable.
##
##
##
## File type to be prelinked.
##
##
#
# cjp: added for misc non-entrypoint objects
interface(`prelink_object_file',`
gen_require(`
attribute prelink_object;
')
typeattribute $1 prelink_object;
')
########################################
##
## Read the prelink cache.
##
##
##
## Domain allowed access.
##
##
#
interface(`prelink_read_cache',`
gen_require(`
type prelink_cache_t;
')
files_search_etc($1)
allow $1 prelink_cache_t:file { getattr read };
')
########################################
##
## Delete the prelink cache.
##
##
##
## Domain allowed access.
##
##
#
interface(`prelink_delete_cache',`
gen_require(`
type prelink_cache_t;
')
allow $1 prelink_cache_t:file unlink;
files_rw_etc_dirs($1)
')
########################################
##
## Create, read, write, and delete
## prelink log files.
##
##
##
## Domain allowed access.
##
##
#
interface(`prelink_manage_log',`
gen_require(`
type prelink_log_t;
')
logging_search_logs($1)
manage_files_pattern($1,prelink_log_t,prelink_log_t)
')