selinux-policy/policy/modules/services/slrnpull.if
Dominick Grift 288845a638 Services layer xml files.
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-08-05 09:25:29 -04:00

43 lines
980 B
Plaintext

## <summary>Service for downloading news feeds the slrn newsreader.</summary>
########################################
## <summary>
## Allow the domain to search slrnpull spools.
## </summary>
## <param name="pty_type">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`slrnpull_search_spool',`
gen_require(`
type slrnpull_spool_t;
')
files_search_spool($1)
allow $1 slrnpull_spool_t:dir search_dir_perms;
')
########################################
## <summary>
## Allow the domain to create, read,
## write, and delete slrnpull spools.
## </summary>
## <param name="pty_type">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`slrnpull_manage_spool',`
gen_require(`
type slrnpull_spool_t;
')
files_search_spool($1)
manage_dirs_pattern($1, slrnpull_spool_t, slrnpull_spool_t)
manage_files_pattern($1, slrnpull_spool_t, slrnpull_spool_t)
manage_lnk_files_pattern($1, slrnpull_spool_t, slrnpull_spool_t)
')