selinux-policy/policy/modules/services/apm.if
Dominick Grift 9fa4defbd4 Use permission sets where possible.
Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Squash with 84812bc8dd814709734c2b6d1ef2ff2b84adc35d
Syntax error.
2010-09-17 14:32:48 +02:00


## <summary>Advanced power management daemon</summary>
########################################
## <summary>
##	Execute the apm client in the apm domain (apm_t).
## </summary>
## <desc>
##	<p>
##	Lets the calling domain search the system binary
##	directories and transition to apm_t by executing a file
##	labeled apm_exec_t.
##	</p>
##	<p>
##	After the transition the program runs with the access of
##	apm_t rather than that of the caller, so this should be
##	granted only to domains that need to invoke the client.
##	</p>
## </desc>
## <param name="domain">
##	<summary>
##	Domain allowed to transition.
##	</summary>
## </param>
#
interface(`apm_domtrans_client',`
	gen_require(`
		type apm_t, apm_exec_t;
	')

	# Directory search is granted first, presumably because the
	# entrypoint file sits under the bin directories.
	corecmd_search_bin($1)

	# Arguments are: source domain, entrypoint file type, target domain.
	domtrans_pattern($1, apm_exec_t, apm_t)
')
########################################
## <summary>
##	Use file descriptors belonging to apmd.
## </summary>
## <desc>
##	<p>
##	Grants only the fd use permission on descriptors labeled
##	apmd_t, for example ones inherited from or passed by apmd.
##	Access to the object behind a descriptor is checked
##	separately and is not granted by this interface.
##	</p>
## </desc>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`apm_use_fds',`
	gen_require(`
		type apmd_t;
	')

	# Single permission on the fd class and nothing else.
	allow $1 apmd_t:fd use;
')
########################################
## <summary>
##	Write to apmd unnamed pipes.
## </summary>
## <desc>
##	<p>
##	The target type is apmd_t because an unnamed pipe carries
##	the label of the process that created it. The permissions
##	come from the write_fifo_file_perms set, which is defined
##	outside this file.
##	</p>
## </desc>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`apm_write_pipes',`
	gen_require(`
		type apmd_t;
	')

	# Write side only. No read permission set is applied here.
	allow $1 apmd_t:fifo_file write_fifo_file_perms;
')
########################################
## <summary>
##	Read and write apmd unix stream sockets.
## </summary>
## <desc>
##	<p>
##	Only read and write are granted, which covers a socket
##	that is already open, for example one inherited from or
##	passed by apmd. Connecting to apmd is not allowed by
##	this interface; apm_stream_connect covers that case.
##	</p>
## </desc>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`apm_rw_stream_sockets',`
	gen_require(`
		type apmd_t;
	')

	# Deliberately an explicit two permission list rather than a
	# broader socket permission set.
	allow $1 apmd_t:unix_stream_socket { read write };
')
########################################
## <summary>
##	Append to the apmd log file.
## </summary>
## <desc>
##	<p>
##	Lets the calling domain search the log directories and
##	applies the append_file_perms set to files labeled
##	apmd_log_t. The set is defined outside this file; it is
##	expected to allow appending without rewriting existing
##	log content, which should be confirmed against the
##	permission set definition.
##	</p>
## </desc>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`apm_append_log',`
	gen_require(`
		type apmd_log_t;
	')

	# The caller has to traverse the log directories to reach the file.
	logging_search_logs($1)
	allow $1 apmd_log_t:file append_file_perms;
')
########################################
## <summary>
##	Connect to apmd over a unix stream socket.
## </summary>
## <desc>
##	<p>
##	Lets the calling domain search the pid directories and
##	applies stream_connect_pattern with apmd_var_run_t as
##	both the directory type and the socket file type, and
##	apmd_t as the domain being connected to.
##	</p>
## </desc>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`apm_stream_connect',`
	gen_require(`
		type apmd_t, apmd_var_run_t;
	')

	# The socket file is reached through the pid directories.
	files_search_pids($1)

	# Arguments are: client domain, directory type, socket file type,
	# server domain.
	stream_connect_pattern($1, apmd_var_run_t, apmd_var_run_t, apmd_t)
')