selinux-policy/refpolicy/policy/modules/services/slrnpull.if

43 lines
943 B
Plaintext

## <summary>Service for downloading news feeds the slrn newsreader.</summary>
########################################
## <summary>
## Allow the domain to search slrnpull spools.
## </summary>
## <param name="pty_type">
## <summary>
## domain allowed access
## </summary>
## </param>
#
interface(`slrnpull_search_spool',`
gen_require(`
type slrnpull_spool_t;
')
files_search_spool($1)
allow $1 slrnpull_spool_t:dir search_dir_perms;
')
########################################
## <summary>
## Allow the domain to create, read,
## write, and delete slrnpull spools.
## </summary>
## <param name="pty_type">
## <summary>
## domain allowed access
## </summary>
## </param>
#
interface(`slrnpull_manage_spool',`
gen_require(`
type slrnpull_spool_t;
')
files_search_spool($1)
allow $1 slrnpull_spool_t:dir create_dir_perms;
allow $1 slrnpull_spool_t:file create_file_perms;
allow $1 slrnpull_spool_t:lnk_file create_lnk_perms;
')