[people/stevee/selinux-policy.git] / policy / modules / services / nova.if

## <summary>openstack-nova</summary>

#######################################
## <summary>
##  Creates types and rules for a basic
##  openstack-nova systemd daemon domain.
## </summary>
## <param name="prefix">
##  <summary>
##  Prefix for the domain.
##  </summary>
## </param>
#
template(`nova_domain_template',`
	gen_require(`
		attribute nova_domain;
	')

	type nova_$1_t, nova_domain;
	type nova_$1_exec_t;
	init_daemon_domain(nova_$1_t, nova_$1_exec_t)

	type nova_$1_tmp_t;
	files_tmp_file(nova_$1_tmp_t)

	manage_dirs_pattern(nova_$1_t, nova_$1_tmp_t, nova_$1_tmp_t)
	manage_files_pattern(nova_$1_t, nova_$1_tmp_t, nova_$1_tmp_t)
	files_tmp_filetrans(nova_$1_t, nova_$1_tmp_t, { file dir })
	can_exec(nova_$1_t, nova_$1_tmp_t)
')
Commit	Line	Data
1da0fc94 MG	1	## <summary>openstack-nova</summary>
	2
	3	#######################################
	4	## <summary>
	5	## Creates types and rules for a basic
	6	## openstack-nova systemd daemon domain.
	7	## </summary>
	8	## <param name="prefix">
	9	## <summary>
	10	## Prefix for the domain.
	11	## </summary>
	12	## </param>
	13	#
	14	template(`nova_domain_template',`
	15	gen_require(`
	16	attribute nova_domain;
	17	')
	18
	19	type nova_$1_t, nova_domain;
	20	type nova_$1_exec_t;
	21	init_daemon_domain(nova_$1_t, nova_$1_exec_t)
	22
	23	type nova_$1_tmp_t;
	24	files_tmp_file(nova_$1_tmp_t)
	25
1da0fc94 MG	26	manage_dirs_pattern(nova_$1_t, nova_$1_tmp_t, nova_$1_tmp_t)
	27	manage_files_pattern(nova_$1_t, nova_$1_tmp_t, nova_$1_tmp_t)
	28	files_tmp_filetrans(nova_$1_t, nova_$1_tmp_t, { file dir })
	29	can_exec(nova_$1_t, nova_$1_tmp_t)
	30	')