[people/stevee/selinux-policy.git] / policy / modules / services / dcc.if

## <summary>Distributed checksum clearinghouse spam filtering</summary>

########################################
## <summary>
##	Execute cdcc in the cdcc domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed to transition.
##	</summary>
## </param>
#
interface(`dcc_domtrans_cdcc',`
	gen_require(`
		type cdcc_t, cdcc_exec_t;
	')

	corecmd_search_bin($1)
	domtrans_pattern($1, cdcc_exec_t, cdcc_t)
')

########################################
## <summary>
##	Execute cdcc in the cdcc domain, and
##	allow the specified role the cdcc domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed to transition.
##	</summary>
## </param>
## <param name="role">
##	<summary>
##	Role allowed access.
##	</summary>
## </param>
## <rolecap/>
#
interface(`dcc_run_cdcc',`
	gen_require(`
		type cdcc_t;
	')

	dcc_domtrans_cdcc($1)
	role $2 types cdcc_t;
')

########################################
## <summary>
##	Execute dcc_client in the dcc_client domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed to transition.
##	</summary>
## </param>
#
interface(`dcc_domtrans_client',`
	gen_require(`
		type dcc_client_t, dcc_client_exec_t;
	')

	corecmd_search_bin($1)
	domtrans_pattern($1, dcc_client_exec_t, dcc_client_t)
')

########################################
## <summary>
##	Send a signal to the dcc_client.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`dcc_signal_client',`
	gen_require(`
		type dcc_client_t;
	')

	allow $1 dcc_client_t:process signal;
')

########################################
## <summary>
##	Execute dcc_client in the dcc_client domain, and
##	allow the specified role the dcc_client domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed to transition.
##	</summary>
## </param>
## <param name="role">
##	<summary>
##	Role allowed access.
##	</summary>
## </param>
## <rolecap/>
#
interface(`dcc_run_client',`
	gen_require(`
		type dcc_client_t;
	')

	dcc_domtrans_client($1)
	role $2 types dcc_client_t;
')

########################################
## <summary>
##	Execute dbclean in the dcc_dbclean domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed to transition.
##	</summary>
## </param>
#
interface(`dcc_domtrans_dbclean',`
	gen_require(`
		type dcc_dbclean_t, dcc_dbclean_exec_t;
	')

	corecmd_search_bin($1)
	domtrans_pattern($1, dcc_dbclean_exec_t, dcc_dbclean_t)
')

########################################
## <summary>
##	Execute dbclean in the dcc_dbclean domain, and
##	allow the specified role the dcc_dbclean domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed to transition.
##	</summary>
## </param>
## <param name="role">
##	<summary>
##	Role allowed access.
##	</summary>
## </param>
## <rolecap/>
#
interface(`dcc_run_dbclean',`
	gen_require(`
		type dcc_dbclean_t;
	')

	dcc_domtrans_dbclean($1)
	role $2 types dcc_dbclean_t;
')

########################################
## <summary>
##	Connect to dccifd over a unix domain stream socket.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`dcc_stream_connect_dccifd',`
	gen_require(`
		type dcc_var_t, dccifd_var_run_t, dccifd_t;
	')

	files_search_pids($1)
	stream_connect_pattern($1, dcc_var_t, dccifd_var_run_t, dccifd_t)
')
Commit	Line	Data
6ba4d964 CP	1	## <summary>Distributed checksum clearinghouse spam filtering</summary>
	2
	3	########################################
	4	## <summary>
	5	## Execute cdcc in the cdcc domain.
	6	## </summary>
	7	## <param name="domain">
	8	## <summary>
288845a6	9	## Domain allowed to transition.
6ba4d964 CP	10	## </summary>
	11	## </param>
	12	#
	13	interface(`dcc_domtrans_cdcc',`
	14	gen_require(`
	15	type cdcc_t, cdcc_exec_t;
	16	')
	17
8021cb4f	18	corecmd_search_bin($1)
0bfccda4	19	domtrans_pattern($1, cdcc_exec_t, cdcc_t)
6ba4d964 CP	20	')
	21
	22	########################################
	23	## <summary>
	24	## Execute cdcc in the cdcc domain, and
	25	## allow the specified role the cdcc domain.
	26	## </summary>
	27	## <param name="domain">
	28	## <summary>
288845a6	29	## Domain allowed to transition.
6ba4d964 CP	30	## </summary>
	31	## </param>
	32	## <param name="role">
	33	## <summary>
a7ee7f81	34	## Role allowed access.
6ba4d964 CP	35	## </summary>
6ba4d964 CP	36	## </param>
bbcd3c97	37	## <rolecap/>
6ba4d964 CP	38	#
	39	interface(`dcc_run_cdcc',`
	40	gen_require(`
	41	type cdcc_t;
	42	')
	43
	44	dcc_domtrans_cdcc($1)
	45	role $2 types cdcc_t;
6ba4d964 CP	46	')
	47
	48	########################################
	49	## <summary>
	50	## Execute dcc_client in the dcc_client domain.
	51	## </summary>
	52	## <param name="domain">
	53	## <summary>
288845a6	54	## Domain allowed to transition.
6ba4d964 CP	55	## </summary>
	56	## </param>
	57	#
	58	interface(`dcc_domtrans_client',`
	59	gen_require(`
	60	type dcc_client_t, dcc_client_exec_t;
	61	')
	62
8021cb4f	63	corecmd_search_bin($1)
0bfccda4	64	domtrans_pattern($1, dcc_client_exec_t, dcc_client_t)
6ba4d964 CP	65	')
6ba4d964 CP	66
fcee22ad CP	67	########################################
	68	## <summary>
	69	## Send a signal to the dcc_client.
	70	## </summary>
	71	## <param name="domain">
	72	## <summary>
	73	## Domain allowed access.
	74	## </summary>
	75	## </param>
	76	#
	77	interface(`dcc_signal_client',`
	78	gen_require(`
	79	type dcc_client_t;
	80	')
	81
	82	allow $1 dcc_client_t:process signal;
	83	')
	84
6ba4d964 CP	85	########################################
	86	## <summary>
	87	## Execute dcc_client in the dcc_client domain, and
	88	## allow the specified role the dcc_client domain.
	89	## </summary>
	90	## <param name="domain">
	91	## <summary>
288845a6	92	## Domain allowed to transition.
6ba4d964 CP	93	## </summary>
	94	## </param>
	95	## <param name="role">
	96	## <summary>
a7ee7f81	97	## Role allowed access.
6ba4d964 CP	98	## </summary>
6ba4d964 CP	99	## </param>
bbcd3c97	100	## <rolecap/>
6ba4d964 CP	101	#
	102	interface(`dcc_run_client',`
	103	gen_require(`
	104	type dcc_client_t;
	105	')
	106
	107	dcc_domtrans_client($1)
	108	role $2 types dcc_client_t;
6ba4d964 CP	109	')
	110
	111	########################################
	112	## <summary>
	113	## Execute dbclean in the dcc_dbclean domain.
	114	## </summary>
	115	## <param name="domain">
	116	## <summary>
288845a6	117	## Domain allowed to transition.
6ba4d964 CP	118	## </summary>
	119	## </param>
	120	#
	121	interface(`dcc_domtrans_dbclean',`
	122	gen_require(`
	123	type dcc_dbclean_t, dcc_dbclean_exec_t;
	124	')
	125
8021cb4f	126	corecmd_search_bin($1)
0bfccda4	127	domtrans_pattern($1, dcc_dbclean_exec_t, dcc_dbclean_t)
6ba4d964 CP	128	')
	129
	130	########################################
	131	## <summary>
	132	## Execute dbclean in the dcc_dbclean domain, and
	133	## allow the specified role the dcc_dbclean domain.
	134	## </summary>
	135	## <param name="domain">
	136	## <summary>
288845a6	137	## Domain allowed to transition.
6ba4d964 CP	138	## </summary>
	139	## </param>
	140	## <param name="role">
	141	## <summary>
a7ee7f81	142	## Role allowed access.
6ba4d964 CP	143	## </summary>
6ba4d964 CP	144	## </param>
bbcd3c97	145	## <rolecap/>
6ba4d964 CP	146	#
	147	interface(`dcc_run_dbclean',`
	148	gen_require(`
	149	type dcc_dbclean_t;
	150	')
	151
	152	dcc_domtrans_dbclean($1)
	153	role $2 types dcc_dbclean_t;
6ba4d964 CP	154	')
	155
	156	########################################
	157	## <summary>
	158	## Connect to dccifd over a unix domain stream socket.
	159	## </summary>
	160	## <param name="domain">
	161	## <summary>
	162	## Domain allowed access.
	163	## </summary>
	164	## </param>
	165	#
	166	interface(`dcc_stream_connect_dccifd',`
	167	gen_require(`
	168	type dcc_var_t, dccifd_var_run_t, dccifd_t;
	169	')
	170
1e92803c	171	files_search_pids($1)
0bfccda4	172	stream_connect_pattern($1, dcc_var_t, dccifd_var_run_t, dccifd_t)
6ba4d964	173	')