selinux-policy/policy/modules/apps/podsleuth.if
Dominick Grift 03b86663f0 apps: domain { allowed to transition, allowed access, to not audit }.
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-08-05 08:20:59 -04:00

46 lines
970 B
Plaintext

## <summary>Podsleuth is a tool to get information about an Apple (TM) iPod (TM)</summary>
########################################
## <summary>
## Execute a domain transition to run podsleuth.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed to transition.
## </summary>
## </param>
#
interface(`podsleuth_domtrans',`
gen_require(`
type podsleuth_t, podsleuth_exec_t;
')
domtrans_pattern($1, podsleuth_exec_t, podsleuth_t)
allow $1 podsleuth_t:process signal;
')
########################################
## <summary>
## Execute podsleuth in the podsleuth domain, and
## allow the specified role the podsleuth domain.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
## <summary>
## Role allowed access.
## </summary>
## </param>
#
interface(`podsleuth_run',`
gen_require(`
type podsleuth_t;
')
podsleuth_domtrans($1)
role $2 types podsleuth_t;
')