#DESC USBModules - List kernel modules for USB devices
#
# Author:  Russell Coker <russell@coker.com.au>
# X-Debian-Packages:
#

#################################
#
# Rules for the usbmodules_t domain.
#
type usbmodules_t, domain, privlog;
type usbmodules_exec_t, file_type, sysadmfile, exec_type;

in_user_role(usbmodules_t)
role sysadm_r types usbmodules_t;
role system_r types usbmodules_t;

domain_auto_trans(initrc_t, usbmodules_exec_t, usbmodules_t)
ifdef(`hotplug.te',`
domain_auto_trans(hotplug_t, usbmodules_exec_t, usbmodules_t)
allow usbmodules_t hotplug_etc_t:file r_file_perms;
allow usbmodules_t hotplug_etc_t:dir search;
')
allow usbmodules_t init_t:fd use;
allow usbmodules_t console_device_t:chr_file { read write };

uses_shlib(usbmodules_t)

# allow usb device access
allow usbmodules_t usbdevfs_t:file rw_file_perms;

allow usbmodules_t { etc_t modules_object_t proc_t usbdevfs_t }:dir r_dir_perms;

# needs etc_t read access for the hotplug config, maybe should have a new type
allow usbmodules_t { etc_t modules_dep_t }:file r_file_perms;