selinux-policy/policy/modules/services/slrnpull.if

43 lines
978 B
Plaintext

## <summary>Service for downloading news feeds the slrn newsreader.</summary>
########################################
## <summary>
## Allow the domain to search slrnpull spools.
## </summary>
## <param name="pty_type">
## <summary>
## domain allowed access
## </summary>
## </param>
#
interface(`slrnpull_search_spool',`
gen_require(`
type slrnpull_spool_t;
')
files_search_spool($1)
allow $1 slrnpull_spool_t:dir search_dir_perms;
')
########################################
## <summary>
## Allow the domain to create, read,
## write, and delete slrnpull spools.
## </summary>
## <param name="pty_type">
## <summary>
## domain allowed access
## </summary>
## </param>
#
interface(`slrnpull_manage_spool',`
gen_require(`
type slrnpull_spool_t;
')
files_search_spool($1)
manage_dirs_pattern($1, slrnpull_spool_t, slrnpull_spool_t)
manage_files_pattern($1, slrnpull_spool_t, slrnpull_spool_t)
manage_lnk_files_pattern($1, slrnpull_spool_t, slrnpull_spool_t)
')