+++ /dev/null
-policy_module(gnomeclock, 1.0.0)
-
-########################################
-#
-# Declarations
-#
-
-type gnomeclock_t;
-type gnomeclock_exec_t;
-dbus_system_domain(gnomeclock_t, gnomeclock_exec_t)
-
-########################################
-#
-# gnomeclock local policy
-#
-
-allow gnomeclock_t self:capability { sys_nice sys_time };
-allow gnomeclock_t self:process { getattr getsched signal };
-allow gnomeclock_t self:fifo_file rw_fifo_file_perms;
-allow gnomeclock_t self:unix_stream_socket create_stream_socket_perms;
-allow gnomeclock_t self:unix_dgram_socket create_socket_perms;
-
-kernel_read_system_state(gnomeclock_t)
-
-corecmd_exec_bin(gnomeclock_t)
-corecmd_exec_shell(gnomeclock_t)
-corecmd_dontaudit_access_check_bin(gnomeclock_t)
-
-dev_read_sysfs(gnomeclock_t)
-
-files_read_etc_runtime_files(gnomeclock_t)
-files_read_usr_files(gnomeclock_t)
-
-fs_getattr_xattr_fs(gnomeclock_t)
-
-auth_use_nsswitch(gnomeclock_t)
-
-logging_send_syslog_msg(gnomeclock_t)
-
-miscfiles_read_localization(gnomeclock_t)
-miscfiles_manage_localization(gnomeclock_t)
-miscfiles_etc_filetrans_localization(gnomeclock_t)
-
-userdom_read_all_users_state(gnomeclock_t)
-
-optional_policy(`
- chronyd_systemctl(gnomeclock_t)
-')
-
-optional_policy(`
- clock_domtrans(gnomeclock_t)
-')
-
-optional_policy(`
- consolekit_dbus_chat(gnomeclock_t)
-')
-
-optional_policy(`
- consoletype_exec(gnomeclock_t)
-')
-
-optional_policy(`
- gnome_manage_usr_config(gnomeclock_t)
-')
-
-optional_policy(`
- ntp_domtrans_ntpdate(gnomeclock_t)
- ntp_initrc_domtrans(gnomeclock_t)
- init_dontaudit_getattr_all_script_files(gnomeclock_t)
- ntp_systemctl(gnomeclock_t)
-')
-
-optional_policy(`
- policykit_dbus_chat(gnomeclock_t)
- policykit_domtrans_auth(gnomeclock_t)
- policykit_read_lib(gnomeclock_t)
- policykit_read_reload(gnomeclock_t)
-')