## <summary>Finger user information service.</summary> ######################################## ## <summary> ## Execute fingerd in the fingerd domain. ## </summary> ## <param name="domain"> ## The type of the process performing this action. ## </param> # interface(`finger_domtrans',` gen_require(` type fingerd_t, fingerd_exec_t; ') domain_auto_trans($1,fingerd_exec_t,fingerd_t) allow $1 fingerd_t:fd use; allow fingerd_t $1:fd use; allow fingerd_t $1:fifo_file rw_file_perms; allow fingerd_t $1:process sigchld; ') ######################################## ## <summary> ## Allow the specified domain to connect to fingerd with a tcp socket. ## </summary> ## <param name="domain"> ## Domain allowed access. ## </param> # interface(`finger_tcp_connect',` gen_require(` type fingerd_t; ') kernel_tcp_recvfrom($1) allow $1 fingerd_t:tcp_socket { connectto recvfrom }; allow fingerd_t $1:tcp_socket { acceptfrom recvfrom }; ')