+++ /dev/null
-
-## <summary>policy for thumb</summary>
-
-
-########################################
-## <summary>
-## Transition to thumb.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed to transition.
-## </summary>
-## </param>
-#
-interface(`thumb_domtrans',`
- gen_require(`
- type thumb_t, thumb_exec_t;
- ')
-
- corecmd_search_bin($1)
- domtrans_pattern($1, thumb_exec_t, thumb_t)
-')
-
-
-########################################
-## <summary>
-## Execute thumb in the thumb domain, and
-## allow the specified role the thumb domain.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed to transition
-## </summary>
-## </param>
-## <param name="role">
-## <summary>
-## The role to be allowed the thumb domain.
-## </summary>
-## </param>
-#
-interface(`thumb_run',`
- gen_require(`
- type thumb_t;
- ')
-
- thumb_domtrans($1)
- role $2 types thumb_t;
-
- allow $1 thumb_t:process signal;
-')
-
-########################################
-## <summary>
-## Role access for thumb
-## </summary>
-## <param name="role">
-## <summary>
-## Role allowed access
-## </summary>
-## </param>
-## <param name="domain">
-## <summary>
-## User domain for the role
-## </summary>
-## </param>
-#
-interface(`thumb_role',`
- gen_require(`
- type thumb_t;
- class dbus send_msg;
- ')
-
- role $1 types thumb_t;
-
- thumb_domtrans($2)
-
- ps_process_pattern($2, thumb_t)
- allow $2 thumb_t:process signal;
- allow thumb_t $2:unix_stream_socket connectto;
-
- allow $2 thumb_t:dbus send_msg;
- allow thumb_t $2:dbus send_msg;
-')
-
projects / people / stevee / selinux-policy.git / blobdiff