2d102f8402
Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Signed-off-by: Dominick Grift <domg472@gmail.com>
104 lines
2.4 KiB
Plaintext
104 lines
2.4 KiB
Plaintext
## <summary>policy for zarafa services</summary>
|
|
|
|
######################################
|
|
## <summary>
|
|
## Creates types and rules for a basic
|
|
## zararfa init daemon domain.
|
|
## </summary>
|
|
## <param name="prefix">
|
|
## <summary>
|
|
## Prefix for the domain.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
template(`zarafa_domain_template',`
|
|
|
|
gen_require(`
|
|
attribute zarafa_domain;
|
|
')
|
|
|
|
##############################
|
|
#
|
|
# $1_t declarations
|
|
#
|
|
|
|
type zarafa_$1_t, zarafa_domain;
|
|
type zarafa_$1_exec_t;
|
|
init_daemon_domain(zarafa_$1_t, zarafa_$1_exec_t)
|
|
|
|
type zarafa_$1_log_t;
|
|
logging_log_file(zarafa_$1_log_t)
|
|
|
|
type zarafa_$1_var_run_t;
|
|
files_pid_file(zarafa_$1_var_run_t)
|
|
|
|
##############################
|
|
#
|
|
# $1_t local policy
|
|
#
|
|
|
|
manage_files_pattern(zarafa_$1_t, zarafa_$1_var_run_t, zarafa_$1_var_run_t)
|
|
manage_sock_files_pattern(zarafa_$1_t, zarafa_$1_var_run_t, zarafa_$1_var_run_t)
|
|
files_pid_filetrans(zarafa_$1_t, zarafa_$1_var_run_t, { file sock_file })
|
|
#stream_connect_pattern(zarafa_$1_t, $1_var_run_t, $1_var_run_t, virtd_t)
|
|
|
|
manage_files_pattern(zarafa_$1_t, zarafa_$1_log_t,zarafa_$1_log_t)
|
|
#manage_sock_files_pattern(zarafa_$1_t, zarafa_$1_log_t,zarafa_$1_log_t)
|
|
logging_log_filetrans(zarafa_$1_t,zarafa_$1_log_t,{ file })
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Execute a domain transition to run zarafa_server.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed to transition.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`zarafa_server_domtrans',`
|
|
gen_require(`
|
|
type zarafa_server_t, zarafa_server_exec_t;
|
|
')
|
|
|
|
domtrans_pattern($1, zarafa_server_exec_t, zarafa_server_t)
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Execute a domain transition to run zarafa_deliver.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed to transition.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`zarafa_deliver_domtrans',`
|
|
gen_require(`
|
|
type zarafa_deliver_t, zarafa_deliver_exec_t;
|
|
')
|
|
|
|
domtrans_pattern($1, zarafa_deliver_exec_t, zarafa_deliver_t)
|
|
')
|
|
|
|
#######################################
|
|
## <summary>
|
|
## Connect to zarafa-server unix domain stream socket.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
## <rolecap/>
|
|
#
|
|
interface(`zarafa_stream_connect_server',`
|
|
gen_require(`
|
|
type zarafa_server_t, zarafa_server_var_run_t;
|
|
')
|
|
|
|
stream_connect_pattern($1, zarafa_server_t, zarafa_server_var_run_t, zarafa_server_t)
|
|
')
|