#DESC Anaconda - Red Hat Installation program
#
# Authors:  Dan Walsh <dwalsh@redhat.com>
#
#

#################################
#
# Rules for the anaconda_t domain.
#
# anaconda_t is the domain of the installation program
#
type anaconda_t, admin, etc_writer, fs_domain, privmem, auth_write, domain, privlog, privowner, privmodule, sysctl_kernel_writer;
role system_r types anaconda_t;
unconfined_domain(anaconda_t)

role system_r types ldconfig_t;
domain_auto_trans(anaconda_t, ldconfig_exec_t, ldconfig_t)

role system_r types sysadm_su_t;
domain_auto_trans(anaconda_t, su_exec_t, sysadm_su_t)

# Run other rc scripts in the anaconda_t domain.
domain_auto_trans(anaconda_t, initrc_exec_t, initrc_t)

domain_auto_trans(anaconda_t, dmesg_exec_t, dmesg_t)

ifdef(`distro_redhat', `
file_type_auto_trans(anaconda_t, boot_t, boot_runtime_t, file)
')

ifdef(`rpm.te', `
# Access /var/lib/rpm.
domain_auto_trans(anaconda_t, rpm_exec_t, rpm_t)
')

file_type_auto_trans(anaconda_t, var_log_t, var_log_ksyms_t, file)

ifdef(`udev.te', `
domain_auto_trans(anaconda_t, udev_exec_t, udev_t)
')

ifdef(`ssh-agent.te', `
role system_r types sysadm_ssh_agent_t;
domain_auto_trans(anaconda_t, ssh_agent_exec_t, sysadm_ssh_agent_t)
')
domain_auto_trans(anaconda_t , admin_passwd_exec_t, sysadm_passwd_t)