[people/stevee/selinux-policy.git] / policy / modules / services / bluetooth.te


policy_module(bluetooth, 3.3.0)

########################################
#
# Declarations
#
type bluetooth_t;
type bluetooth_exec_t;
init_daemon_domain(bluetooth_t, bluetooth_exec_t)

type bluetooth_conf_t;
files_type(bluetooth_conf_t)

type bluetooth_conf_rw_t;
files_type(bluetooth_conf_rw_t)

type bluetooth_helper_t;
type bluetooth_helper_exec_t;
typealias bluetooth_helper_t alias { user_bluetooth_helper_t staff_bluetooth_helper_t sysadm_bluetooth_helper_t };
typealias bluetooth_helper_t alias { auditadm_bluetooth_helper_t secadm_bluetooth_helper_t };
application_domain(bluetooth_helper_t, bluetooth_helper_exec_t)
ubac_constrained(bluetooth_helper_t)

type bluetooth_helper_tmp_t;
typealias bluetooth_helper_tmp_t alias { user_bluetooth_helper_tmp_t staff_bluetooth_helper_tmp_t sysadm_bluetooth_helper_tmp_t };
typealias bluetooth_helper_tmp_t alias { auditadm_bluetooth_helper_tmp_t secadm_bluetooth_helper_tmp_t };
files_tmp_file(bluetooth_helper_tmp_t)
ubac_constrained(bluetooth_helper_tmp_t)

type bluetooth_helper_tmpfs_t;
typealias bluetooth_helper_tmpfs_t alias { user_bluetooth_helper_tmpfs_t staff_bluetooth_helper_tmpfs_t sysadm_bluetooth_helper_tmpfs_t };
typealias bluetooth_helper_tmpfs_t alias { auditadm_bluetooth_helper_tmpfs_t secadm_bluetooth_helper_tmpfs_t };
files_tmpfs_file(bluetooth_helper_tmpfs_t)
ubac_constrained(bluetooth_helper_tmpfs_t)

type bluetooth_initrc_exec_t;
init_script_file(bluetooth_initrc_exec_t)

type bluetooth_lock_t;
files_lock_file(bluetooth_lock_t)

type bluetooth_tmp_t;
files_tmp_file(bluetooth_tmp_t)

type bluetooth_var_lib_t;
files_type(bluetooth_var_lib_t)

type bluetooth_var_run_t;
files_pid_file(bluetooth_var_run_t)

########################################
#
# Bluetooth services local policy
#

#sys_admin capability - redhat bug 573015
allow bluetooth_t self:capability { dac_override net_bind_service net_admin net_raw setpcap sys_admin sys_tty_config ipc_lock };
dontaudit bluetooth_t self:capability sys_tty_config;
allow bluetooth_t self:process { getcap setcap getsched signal_perms };
allow bluetooth_t self:fifo_file rw_fifo_file_perms;
allow bluetooth_t self:shm create_shm_perms;
allow bluetooth_t self:socket create_stream_socket_perms;
allow bluetooth_t self:unix_dgram_socket create_socket_perms;
allow bluetooth_t self:unix_stream_socket { connectto create_stream_socket_perms };
allow bluetooth_t self:tcp_socket create_stream_socket_perms;
allow bluetooth_t self:udp_socket create_socket_perms;
allow bluetooth_t self:netlink_kobject_uevent_socket create_socket_perms;

read_files_pattern(bluetooth_t, bluetooth_conf_t, bluetooth_conf_t)

manage_dirs_pattern(bluetooth_t, bluetooth_conf_t, bluetooth_conf_rw_t)
manage_files_pattern(bluetooth_t, bluetooth_conf_t, bluetooth_conf_rw_t)
manage_lnk_files_pattern(bluetooth_t, bluetooth_conf_t, bluetooth_conf_rw_t)
manage_fifo_files_pattern(bluetooth_t, bluetooth_conf_t, bluetooth_conf_rw_t)
manage_sock_files_pattern(bluetooth_t, bluetooth_conf_t, bluetooth_conf_rw_t)
filetrans_pattern(bluetooth_t, bluetooth_conf_t, bluetooth_conf_rw_t, { dir file lnk_file sock_file fifo_file })

can_exec(bluetooth_t, bluetooth_helper_exec_t)

allow bluetooth_t bluetooth_lock_t:file manage_file_perms;
files_lock_filetrans(bluetooth_t, bluetooth_lock_t, file)

manage_dirs_pattern(bluetooth_t, bluetooth_tmp_t, bluetooth_tmp_t)
manage_files_pattern(bluetooth_t, bluetooth_tmp_t, bluetooth_tmp_t)
files_tmp_filetrans(bluetooth_t, bluetooth_tmp_t, { file dir })

manage_dirs_pattern(bluetooth_t, bluetooth_var_lib_t, bluetooth_var_lib_t)
manage_files_pattern(bluetooth_t, bluetooth_var_lib_t, bluetooth_var_lib_t)
files_var_lib_filetrans(bluetooth_t, bluetooth_var_lib_t, { dir file } )

manage_files_pattern(bluetooth_t, bluetooth_var_run_t, bluetooth_var_run_t)
manage_sock_files_pattern(bluetooth_t, bluetooth_var_run_t, bluetooth_var_run_t)
files_pid_filetrans(bluetooth_t, bluetooth_var_run_t, { file sock_file })

kernel_read_kernel_sysctls(bluetooth_t)
kernel_read_system_state(bluetooth_t)
kernel_read_network_state(bluetooth_t)
kernel_request_load_module(bluetooth_t)
#search debugfs - redhat bug 548206
kernel_search_debugfs(bluetooth_t)

corenet_all_recvfrom_unlabeled(bluetooth_t)
corenet_all_recvfrom_netlabel(bluetooth_t)
corenet_tcp_sendrecv_generic_if(bluetooth_t)
corenet_udp_sendrecv_generic_if(bluetooth_t)
corenet_raw_sendrecv_generic_if(bluetooth_t)
corenet_tcp_sendrecv_generic_node(bluetooth_t)
corenet_udp_sendrecv_generic_node(bluetooth_t)
corenet_raw_sendrecv_generic_node(bluetooth_t)
corenet_tcp_sendrecv_all_ports(bluetooth_t)
corenet_udp_sendrecv_all_ports(bluetooth_t)

dev_read_sysfs(bluetooth_t)
dev_rw_usbfs(bluetooth_t)
dev_rw_generic_usb_dev(bluetooth_t)
dev_read_urand(bluetooth_t)
dev_rw_input_dev(bluetooth_t)
dev_rw_wireless(bluetooth_t)

fs_getattr_all_fs(bluetooth_t)
fs_search_auto_mountpoints(bluetooth_t)
fs_list_inotifyfs(bluetooth_t)

#Handle bluetooth serial devices
term_use_unallocated_ttys(bluetooth_t)

corecmd_exec_bin(bluetooth_t)
corecmd_exec_shell(bluetooth_t)

domain_use_interactive_fds(bluetooth_t)
domain_dontaudit_search_all_domains_state(bluetooth_t)

files_read_etc_files(bluetooth_t)
files_read_etc_runtime_files(bluetooth_t)
files_read_usr_files(bluetooth_t)

auth_use_nsswitch(bluetooth_t)

logging_send_syslog_msg(bluetooth_t)

miscfiles_read_localization(bluetooth_t)
miscfiles_read_fonts(bluetooth_t)
miscfiles_read_hwdata(bluetooth_t)

userdom_dontaudit_use_unpriv_user_fds(bluetooth_t)
userdom_dontaudit_use_user_terminals(bluetooth_t)
userdom_dontaudit_search_user_home_dirs(bluetooth_t)

optional_policy(`
	dbus_system_bus_client(bluetooth_t)
	dbus_connect_system_bus(bluetooth_t)

	optional_policy(`
		cups_dbus_chat(bluetooth_t)
	')

	optional_policy(`
		hal_dbus_chat(bluetooth_t)
	')

	optional_policy(`
		networkmanager_dbus_chat(bluetooth_t)
	')

	optional_policy(`
		pulseaudio_dbus_chat(bluetooth_t)
	')
')

optional_policy(`
	seutil_sigchld_newrole(bluetooth_t)
')

optional_policy(`
	udev_read_db(bluetooth_t)
')

optional_policy(`
	ppp_domtrans(bluetooth_t)
')

########################################
#
# Bluetooth helper programs local policy
#

allow bluetooth_helper_t self:capability sys_nice;
allow bluetooth_helper_t self:process getsched;
allow bluetooth_helper_t self:fifo_file rw_fifo_file_perms;
allow bluetooth_helper_t self:shm create_shm_perms;
allow bluetooth_helper_t self:unix_stream_socket { create_stream_socket_perms connectto };
allow bluetooth_helper_t self:tcp_socket create_socket_perms;
allow bluetooth_helper_t self:netlink_route_socket r_netlink_socket_perms;

allow bluetooth_helper_t bluetooth_t:socket { read write };

manage_dirs_pattern(bluetooth_helper_t, bluetooth_helper_tmp_t, bluetooth_helper_tmp_t)
manage_files_pattern(bluetooth_helper_t, bluetooth_helper_tmp_t, bluetooth_helper_tmp_t)
manage_sock_files_pattern(bluetooth_helper_t, bluetooth_helper_tmp_t, bluetooth_helper_tmp_t)
files_tmp_filetrans(bluetooth_helper_t, bluetooth_helper_tmp_t, { file dir sock_file })

manage_dirs_pattern(bluetooth_helper_t, bluetooth_helper_tmpfs_t, bluetooth_helper_tmpfs_t)
manage_files_pattern(bluetooth_helper_t, bluetooth_helper_tmpfs_t, bluetooth_helper_tmpfs_t)
fs_tmpfs_filetrans(bluetooth_helper_t, bluetooth_helper_tmpfs_t, { dir file })

kernel_read_system_state(bluetooth_helper_t)
kernel_read_kernel_sysctls(bluetooth_helper_t)

dev_read_urand(bluetooth_helper_t)

term_dontaudit_use_all_ttys(bluetooth_helper_t)

corecmd_exec_bin(bluetooth_helper_t)
corecmd_exec_shell(bluetooth_helper_t)

domain_read_all_domains_state(bluetooth_helper_t)

files_read_etc_files(bluetooth_helper_t)
files_read_etc_runtime_files(bluetooth_helper_t)
files_read_usr_files(bluetooth_helper_t)
files_dontaudit_list_default(bluetooth_helper_t)

locallogin_dontaudit_use_fds(bluetooth_helper_t)

logging_send_syslog_msg(bluetooth_helper_t)

miscfiles_read_localization(bluetooth_helper_t)

sysnet_read_config(bluetooth_helper_t)

optional_policy(`
	bluetooth_dbus_chat(bluetooth_helper_t)

	dbus_system_bus_client(bluetooth_helper_t)
	dbus_connect_system_bus(bluetooth_helper_t)
')

optional_policy(`
	nscd_socket_use(bluetooth_helper_t)
')

optional_policy(`
	xserver_user_x_domain_template(bluetooth_helper, bluetooth_helper_t, bluetooth_helper_tmpfs_t)
')
Commit	Line	Data
d4dca585	1
29af4c13	2	policy_module(bluetooth, 3.3.0)
d4dca585 CP	3
	4	########################################
	5	#
	6	# Declarations
	7	#
	8	type bluetooth_t;
	9	type bluetooth_exec_t;
0bfccda4	10	init_daemon_domain(bluetooth_t, bluetooth_exec_t)
d4dca585 CP	11
	12	type bluetooth_conf_t;
	13	files_type(bluetooth_conf_t)
	14
d8636fc9 CP	15	type bluetooth_conf_rw_t;
	16	files_type(bluetooth_conf_rw_t)
	17
296273a7	18	type bluetooth_helper_t;
350b6ab7	19	type bluetooth_helper_exec_t;
296273a7 CP	20	typealias bluetooth_helper_t alias { user_bluetooth_helper_t staff_bluetooth_helper_t sysadm_bluetooth_helper_t };
	21	typealias bluetooth_helper_t alias { auditadm_bluetooth_helper_t secadm_bluetooth_helper_t };
	22	application_domain(bluetooth_helper_t, bluetooth_helper_exec_t)
	23	ubac_constrained(bluetooth_helper_t)
	24
	25	type bluetooth_helper_tmp_t;
	26	typealias bluetooth_helper_tmp_t alias { user_bluetooth_helper_tmp_t staff_bluetooth_helper_tmp_t sysadm_bluetooth_helper_tmp_t };
	27	typealias bluetooth_helper_tmp_t alias { auditadm_bluetooth_helper_tmp_t secadm_bluetooth_helper_tmp_t };
	28	files_tmp_file(bluetooth_helper_tmp_t)
	29	ubac_constrained(bluetooth_helper_tmp_t)
	30
	31	type bluetooth_helper_tmpfs_t;
	32	typealias bluetooth_helper_tmpfs_t alias { user_bluetooth_helper_tmpfs_t staff_bluetooth_helper_tmpfs_t sysadm_bluetooth_helper_tmpfs_t };
	33	typealias bluetooth_helper_tmpfs_t alias { auditadm_bluetooth_helper_tmpfs_t secadm_bluetooth_helper_tmpfs_t };
	34	files_tmpfs_file(bluetooth_helper_tmpfs_t)
	35	ubac_constrained(bluetooth_helper_tmpfs_t)
19b5555f	36
fcee22ad CP	37	type bluetooth_initrc_exec_t;
	38	init_script_file(bluetooth_initrc_exec_t)
	39
d4dca585 CP	40	type bluetooth_lock_t;
	41	files_lock_file(bluetooth_lock_t)
	42
	43	type bluetooth_tmp_t;
	44	files_tmp_file(bluetooth_tmp_t)
	45
d8636fc9 CP	46	type bluetooth_var_lib_t;
	47	files_type(bluetooth_var_lib_t)
	48
d4dca585 CP	49	type bluetooth_var_run_t;
	50	files_pid_file(bluetooth_var_run_t)
	51
	52	########################################
	53	#
d8636fc9	54	# Bluetooth services local policy
d4dca585	55	#
d8636fc9	56
84ce9c33 JS	57	#sys_admin capability - redhat bug 573015
84ce9c33 JS	58	allow bluetooth_t self:capability { dac_override net_bind_service net_admin net_raw setpcap sys_admin sys_tty_config ipc_lock };
d4dca585	59	dontaudit bluetooth_t self:capability sys_tty_config;
c5155ac0	60	allow bluetooth_t self:process { getcap setcap getsched signal_perms };
c0868a7a	61	allow bluetooth_t self:fifo_file rw_fifo_file_perms;
d8636fc9	62	allow bluetooth_t self:shm create_shm_perms;
d4dca585 CP	63	allow bluetooth_t self:socket create_stream_socket_perms;
d4dca585 CP	64	allow bluetooth_t self:unix_dgram_socket create_socket_perms;
fcee22ad	65	allow bluetooth_t self:unix_stream_socket { connectto create_stream_socket_perms };
3d03a4f4	66	allow bluetooth_t self:tcp_socket create_stream_socket_perms;
d4dca585	67	allow bluetooth_t self:udp_socket create_socket_perms;
c5155ac0	68	allow bluetooth_t self:netlink_kobject_uevent_socket create_socket_perms;
d4dca585	69
0bfccda4	70	read_files_pattern(bluetooth_t, bluetooth_conf_t, bluetooth_conf_t)
d4dca585	71
0bfccda4 CP	72	manage_dirs_pattern(bluetooth_t, bluetooth_conf_t, bluetooth_conf_rw_t)
	73	manage_files_pattern(bluetooth_t, bluetooth_conf_t, bluetooth_conf_rw_t)
	74	manage_lnk_files_pattern(bluetooth_t, bluetooth_conf_t, bluetooth_conf_rw_t)
	75	manage_fifo_files_pattern(bluetooth_t, bluetooth_conf_t, bluetooth_conf_rw_t)
	76	manage_sock_files_pattern(bluetooth_t, bluetooth_conf_t, bluetooth_conf_rw_t)
	77	filetrans_pattern(bluetooth_t, bluetooth_conf_t, bluetooth_conf_rw_t, { dir file lnk_file sock_file fifo_file })
d8636fc9	78
350b6ab7	79	can_exec(bluetooth_t, bluetooth_helper_exec_t)
9bbc757a	80
d9845ae9	81	allow bluetooth_t bluetooth_lock_t:file manage_file_perms;
3f67f722	82	files_lock_filetrans(bluetooth_t, bluetooth_lock_t, file)
d4dca585	83
0bfccda4 CP	84	manage_dirs_pattern(bluetooth_t, bluetooth_tmp_t, bluetooth_tmp_t)
0bfccda4 CP	85	manage_files_pattern(bluetooth_t, bluetooth_tmp_t, bluetooth_tmp_t)
103fe280	86	files_tmp_filetrans(bluetooth_t, bluetooth_tmp_t, { file dir })
d4dca585	87
0bfccda4 CP	88	manage_dirs_pattern(bluetooth_t, bluetooth_var_lib_t, bluetooth_var_lib_t)
	89	manage_files_pattern(bluetooth_t, bluetooth_var_lib_t, bluetooth_var_lib_t)
	90	files_var_lib_filetrans(bluetooth_t, bluetooth_var_lib_t, { dir file } )
d8636fc9	91
0bfccda4 CP	92	manage_files_pattern(bluetooth_t, bluetooth_var_run_t, bluetooth_var_run_t)
0bfccda4 CP	93	manage_sock_files_pattern(bluetooth_t, bluetooth_var_run_t, bluetooth_var_run_t)
103fe280	94	files_pid_filetrans(bluetooth_t, bluetooth_var_run_t, { file sock_file })
d4dca585	95
445522dc	96	kernel_read_kernel_sysctls(bluetooth_t)
d8636fc9	97	kernel_read_system_state(bluetooth_t)
8f800d48	98	kernel_read_network_state(bluetooth_t)
c5155ac0	99	kernel_request_load_module(bluetooth_t)
84ce9c33 JS	100	#search debugfs - redhat bug 548206
84ce9c33 JS	101	kernel_search_debugfs(bluetooth_t)
d4dca585	102
19006686 CP	103	corenet_all_recvfrom_unlabeled(bluetooth_t)
19006686 CP	104	corenet_all_recvfrom_netlabel(bluetooth_t)
668b3093 CP	105	corenet_tcp_sendrecv_generic_if(bluetooth_t)
	106	corenet_udp_sendrecv_generic_if(bluetooth_t)
	107	corenet_raw_sendrecv_generic_if(bluetooth_t)
c1262146 CP	108	corenet_tcp_sendrecv_generic_node(bluetooth_t)
	109	corenet_udp_sendrecv_generic_node(bluetooth_t)
	110	corenet_raw_sendrecv_generic_node(bluetooth_t)
d4dca585 CP	111	corenet_tcp_sendrecv_all_ports(bluetooth_t)
	112	corenet_udp_sendrecv_all_ports(bluetooth_t)
	113
	114	dev_read_sysfs(bluetooth_t)
	115	dev_rw_usbfs(bluetooth_t)
8cf67141	116	dev_rw_generic_usb_dev(bluetooth_t)
d8636fc9	117	dev_read_urand(bluetooth_t)
fcee22ad	118	dev_rw_input_dev(bluetooth_t)
c5155ac0	119	dev_rw_wireless(bluetooth_t)
d4dca585 CP	120
	121	fs_getattr_all_fs(bluetooth_t)
	122	fs_search_auto_mountpoints(bluetooth_t)
7487a667	123	fs_list_inotifyfs(bluetooth_t)
d4dca585	124
d8636fc9	125	#Handle bluetooth serial devices
1815bad1	126	term_use_unallocated_ttys(bluetooth_t)
d4dca585 CP	127
d4dca585 CP	128	corecmd_exec_bin(bluetooth_t)
d8636fc9	129	corecmd_exec_shell(bluetooth_t)
d4dca585	130
15722ec9	131	domain_use_interactive_fds(bluetooth_t)
a3cf80d8	132	domain_dontaudit_search_all_domains_state(bluetooth_t)
d4dca585	133
d8636fc9 CP	134	files_read_etc_files(bluetooth_t)
	135	files_read_etc_runtime_files(bluetooth_t)
	136	files_read_usr_files(bluetooth_t)
	137
fcee22ad CP	138	auth_use_nsswitch(bluetooth_t)
fcee22ad CP	139
d4dca585 CP	140	logging_send_syslog_msg(bluetooth_t)
	141
	142	miscfiles_read_localization(bluetooth_t)
d8636fc9	143	miscfiles_read_fonts(bluetooth_t)
fcee22ad	144	miscfiles_read_hwdata(bluetooth_t)
d4dca585	145
15722ec9	146	userdom_dontaudit_use_unpriv_user_fds(bluetooth_t)
296273a7 CP	147	userdom_dontaudit_use_user_terminals(bluetooth_t)
296273a7 CP	148	userdom_dontaudit_search_user_home_dirs(bluetooth_t)
d4dca585	149
bb7170f6	150	optional_policy(`
296273a7	151	dbus_system_bus_client(bluetooth_t)
a3cf80d8	152	dbus_connect_system_bus(bluetooth_t)
fcee22ad CP	153
	154	optional_policy(`
	155	cups_dbus_chat(bluetooth_t)
	156	')
d4dca585	157
8f800d48 CP	158	optional_policy(`
	159	hal_dbus_chat(bluetooth_t)
	160	')
b93a7dac	161
c5155ac0 CP	162	optional_policy(`
	163	networkmanager_dbus_chat(bluetooth_t)
	164	')
	165
b93a7dac CP	166	optional_policy(`
	167	pulseaudio_dbus_chat(bluetooth_t)
	168	')
d4dca585 CP	169	')
d4dca585 CP	170
bb7170f6	171	optional_policy(`
d4dca585 CP	172	seutil_sigchld_newrole(bluetooth_t)
	173	')
	174
bb7170f6	175	optional_policy(`
d4dca585 CP	176	udev_read_db(bluetooth_t)
	177	')
	178
8708d9be CP	179	optional_policy(`
	180	ppp_domtrans(bluetooth_t)
	181	')
296273a7 CP	182
	183	########################################
	184	#
	185	# Bluetooth helper programs local policy
	186	#
	187
	188	allow bluetooth_helper_t self:capability sys_nice;
	189	allow bluetooth_helper_t self:process getsched;
	190	allow bluetooth_helper_t self:fifo_file rw_fifo_file_perms;
	191	allow bluetooth_helper_t self:shm create_shm_perms;
	192	allow bluetooth_helper_t self:unix_stream_socket { create_stream_socket_perms connectto };
	193	allow bluetooth_helper_t self:tcp_socket create_socket_perms;
	194	allow bluetooth_helper_t self:netlink_route_socket r_netlink_socket_perms;
	195
	196	allow bluetooth_helper_t bluetooth_t:socket { read write };
	197
	198	manage_dirs_pattern(bluetooth_helper_t, bluetooth_helper_tmp_t, bluetooth_helper_tmp_t)
	199	manage_files_pattern(bluetooth_helper_t, bluetooth_helper_tmp_t, bluetooth_helper_tmp_t)
	200	manage_sock_files_pattern(bluetooth_helper_t, bluetooth_helper_tmp_t, bluetooth_helper_tmp_t)
	201	files_tmp_filetrans(bluetooth_helper_t, bluetooth_helper_tmp_t, { file dir sock_file })
	202
	203	manage_dirs_pattern(bluetooth_helper_t, bluetooth_helper_tmpfs_t, bluetooth_helper_tmpfs_t)
	204	manage_files_pattern(bluetooth_helper_t, bluetooth_helper_tmpfs_t, bluetooth_helper_tmpfs_t)
	205	fs_tmpfs_filetrans(bluetooth_helper_t, bluetooth_helper_tmpfs_t, { dir file })
	206
	207	kernel_read_system_state(bluetooth_helper_t)
	208	kernel_read_kernel_sysctls(bluetooth_helper_t)
	209
	210	dev_read_urand(bluetooth_helper_t)
	211
c3c753f7	212	term_dontaudit_use_all_ttys(bluetooth_helper_t)
296273a7 CP	213
	214	corecmd_exec_bin(bluetooth_helper_t)
	215	corecmd_exec_shell(bluetooth_helper_t)
	216
	217	domain_read_all_domains_state(bluetooth_helper_t)
	218
	219	files_read_etc_files(bluetooth_helper_t)
	220	files_read_etc_runtime_files(bluetooth_helper_t)
	221	files_read_usr_files(bluetooth_helper_t)
	222	files_dontaudit_list_default(bluetooth_helper_t)
	223
	224	locallogin_dontaudit_use_fds(bluetooth_helper_t)
	225
	226	logging_send_syslog_msg(bluetooth_helper_t)
	227
c5155ac0	228	miscfiles_read_localization(bluetooth_helper_t)
296273a7 CP	229
	230	sysnet_read_config(bluetooth_helper_t)
	231
	232	optional_policy(`
	233	bluetooth_dbus_chat(bluetooth_helper_t)
	234
	235	dbus_system_bus_client(bluetooth_helper_t)
	236	dbus_connect_system_bus(bluetooth_helper_t)
	237	')
	238
	239	optional_policy(`
	240	nscd_socket_use(bluetooth_helper_t)
	241	')
	242
	243	optional_policy(`
	244	xserver_user_x_domain_template(bluetooth_helper, bluetooth_helper_t, bluetooth_helper_tmpfs_t)
	245	')