]>
Commit | Line | Data |
---|---|---|
a225f983 | 1 | |
29af4c13 | 2 | policy_module(wine, 1.7.0) |
a225f983 CP |
3 | |
4 | ######################################## | |
5 | # | |
6 | # Declarations | |
7 | # | |
8 | ||
9 | type wine_t; | |
a225f983 | 10 | type wine_exec_t; |
0bfccda4 | 11 | application_domain(wine_t, wine_exec_t) |
4796d07e CP |
12 | ubac_constrained(wine_t) |
13 | role system_r types wine_t; | |
14 | ||
15 | type wine_tmp_t; | |
16 | files_tmp_file(wine_tmp_t) | |
17 | ubac_constrained(wine_tmp_t) | |
a225f983 CP |
18 | |
19 | ######################################## | |
20 | # | |
21 | # Local policy | |
22 | # | |
23 | ||
4796d07e CP |
24 | allow wine_t self:process { execstack execmem execheap }; |
25 | allow wine_t self:fifo_file manage_fifo_file_perms; | |
26 | ||
27 | can_exec(wine_t, wine_exec_t) | |
28 | ||
29 | manage_dirs_pattern(wine_t, wine_tmp_t, wine_tmp_t) | |
30 | manage_files_pattern(wine_t, wine_tmp_t, wine_tmp_t) | |
31 | files_tmp_filetrans(wine_t, wine_tmp_t, { file dir }) | |
32 | ||
33 | domain_mmap_low(wine_t) | |
34 | ||
35 | files_execmod_all_files(wine_t) | |
36 | ||
296273a7 CP |
37 | userdom_use_user_terminals(wine_t) |
38 | ||
350b6ab7 | 39 | optional_policy(` |
4796d07e CP |
40 | hal_dbus_chat(wine_t) |
41 | ') | |
42 | ||
43 | optional_policy(` | |
95501942 | 44 | unconfined_domain_noaudit(wine_t) |
4796d07e | 45 | ') |
522b59bb | 46 | |
4796d07e CP |
47 | optional_policy(` |
48 | xserver_read_xdm_pid(wine_t) | |
49 | xserver_rw_shm(wine_t) | |
a225f983 | 50 | ') |