selinux-policy/targeted/domains/program/avahi.te
Chris PeBenito 062e17af8a add avahi
2005-11-09 16:43:37 +00:00

30 lines
1.1 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#DESC avahi - mDNS/DNS-SD daemon implementing Apples ZeroConf architecture
#
# Author: Dan Walsh <dwalsh@redhat.com>
#
daemon_domain(avahi, `, privsysmod')
r_dir_file(avahi_t, proc_net_t)
can_network_server(avahi_t)
can_ypbind(avahi_t)
allow avahi_t self:unix_stream_socket { connectto create_stream_socket_perms };
allow avahi_t self:unix_dgram_socket create_socket_perms;
allow avahi_t self:capability { dac_override setgid chown kill setuid };
allow avahi_t urandom_device_t:chr_file r_file_perms;
allow avahi_t howl_port_t:{ udp_socket tcp_socket } name_bind;
allow avahi_t self:fifo_file { read write };
allow avahi_t self:netlink_route_socket r_netlink_socket_perms;
allow avahi_t self:process setrlimit;
allow avahi_t etc_t:file { getattr read };
allow avahi_t initrc_t:process { signal signull };
allow avahi_t system_dbusd_t:dbus { acquire_svc send_msg };
allow avahi_t avahi_var_run_t:dir setattr;
allow avahi_t avahi_var_run_t:sock_file create_file_perms;
ifdef(`dbusd.te', `
dbusd_client(system, avahi)
allow avahi_t unconfined_t:dbus send_msg;
allow unconfined_t avahi_t:dbus send_msg;
')