selinux-policy/refpolicy/policy/modules/admin/alsa.te

52 lines
1.1 KiB
Plaintext

policy_module(alsa,1.1.0)
########################################
#
# Declarations
#
type alsa_t;
type alsa_exec_t;
domain_type(alsa_t)
domain_entry_file(alsa_t, alsa_exec_t)
role system_r types alsa_t;
type alsa_etc_rw_t;
files_type(alsa_etc_rw_t)
########################################
#
# Local policy
#
allow alsa_t self:capability { setgid setuid ipc_owner };
dontaudit alsa_t self:capability sys_admin;
allow alsa_t self:sem create_sem_perms;
allow alsa_t self:shm create_shm_perms;
allow alsa_t self:unix_stream_socket create_stream_socket_perms;
allow alsa_t self:unix_dgram_socket create_socket_perms;
allow alsa_t alsa_etc_rw_t:dir rw_dir_perms;
allow alsa_t alsa_etc_rw_t:file create_file_perms;
allow alsa_t alsa_etc_rw_t:lnk_file create_lnk_perms;
files_read_etc_files(alsa_t)
term_use_generic_ptys(alsa_t)
term_dontaudit_use_unallocated_ttys(alsa_t)
libs_use_ld_so(alsa_t)
libs_use_shared_libs(alsa_t)
logging_send_syslog_msg(alsa_t)
miscfiles_read_localization(alsa_t)
userdom_manage_unpriv_user_semaphores(alsa_t)
userdom_manage_unpriv_user_shared_mem(alsa_t)
optional_policy(`
nscd_socket_use(alsa_t)
')