selinux-policy/policy/modules/admin/alsa.te
2007-07-19 18:57:48 +00:00

50 lines
1.1 KiB
Plaintext

policy_module(alsa,1.1.1)
########################################
#
# Declarations
#
type alsa_t;
type alsa_exec_t;
application_domain(alsa_t, alsa_exec_t)
role system_r types alsa_t;
type alsa_etc_rw_t;
files_type(alsa_etc_rw_t)
########################################
#
# Local policy
#
allow alsa_t self:capability { setgid setuid ipc_owner };
dontaudit alsa_t self:capability sys_admin;
allow alsa_t self:sem create_sem_perms;
allow alsa_t self:shm create_shm_perms;
allow alsa_t self:unix_stream_socket create_stream_socket_perms;
allow alsa_t self:unix_dgram_socket create_socket_perms;
manage_files_pattern(alsa_t,alsa_etc_rw_t,alsa_etc_rw_t)
manage_lnk_files_pattern(alsa_t,alsa_etc_rw_t,alsa_etc_rw_t)
files_read_etc_files(alsa_t)
term_use_generic_ptys(alsa_t)
term_dontaudit_use_unallocated_ttys(alsa_t)
libs_use_ld_so(alsa_t)
libs_use_shared_libs(alsa_t)
logging_send_syslog_msg(alsa_t)
miscfiles_read_localization(alsa_t)
userdom_manage_unpriv_user_semaphores(alsa_t)
userdom_manage_unpriv_user_shared_mem(alsa_t)
optional_policy(`
nscd_socket_use(alsa_t)
')