]>
Commit | Line | Data |
---|---|---|
50aca6d2 CP |
1 | ## <summary>RAID array management tools</summary> |
2 | ||
3 | ######################################## | |
4 | ## <summary> | |
5 | ## Execute software raid tools in the mdadm domain. | |
6 | ## </summary> | |
7 | ## <param name="domain"> | |
885b83ec | 8 | ## <summary> |
a0546c9d | 9 | ## Domain allowed to transition. |
885b83ec | 10 | ## </summary> |
50aca6d2 CP |
11 | ## </param> |
12 | # | |
13 | interface(`raid_domtrans_mdadm',` | |
14 | gen_require(` | |
15 | type mdadm_t, mdadm_exec_t; | |
50aca6d2 CP |
16 | ') |
17 | ||
8021cb4f | 18 | corecmd_search_bin($1) |
3f67f722 | 19 | domtrans_pattern($1, mdadm_exec_t, mdadm_t) |
50aca6d2 | 20 | ') |
a5f339f1 | 21 | |
c3a60ead CP |
22 | ###################################### |
23 | ## <summary> | |
24 | ## Execute a domain transition to mdadm_t for the | |
25 | ## specified role, allowing it to use the mdadm_t | |
26 | ## domain | |
27 | ## </summary> | |
28 | ## <param name="role"> | |
29 | ## <summary> | |
30 | ## Role allowed to access mdadm_t domain | |
31 | ## </summary> | |
32 | ## </param> | |
33 | ## <param name="domain"> | |
34 | ## <summary> | |
35 | ## Domain allowed to transition to mdadm_t | |
36 | ## </summary> | |
37 | ## </param> | |
38 | # | |
39 | interface(`raid_run_mdadm',` | |
40 | gen_require(` | |
41 | type mdadm_t; | |
42 | ') | |
43 | ||
44 | role $1 types mdadm_t; | |
45 | raid_domtrans_mdadm($2) | |
46 | ') | |
47 | ||
91249179 DW |
48 | ######################################## |
49 | ## <summary> | |
50 | ## read the mdadm pid files. | |
51 | ## </summary> | |
52 | ## <param name="domain"> | |
53 | ## <summary> | |
54 | ## Domain allowed access. | |
55 | ## </summary> | |
56 | ## </param> | |
57 | # | |
58 | interface(`raid_read_mdadm_pid',` | |
59 | gen_require(` | |
60 | type mdadm_var_run_t; | |
61 | ') | |
62 | ||
63 | read_files_pattern($1, mdadm_var_run_t, mdadm_var_run_t) | |
64 | ') | |
65 | ||
a5f339f1 CP |
66 | ######################################## |
67 | ## <summary> | |
68 | ## Create, read, write, and delete the mdadm pid files. | |
69 | ## </summary> | |
70 | ## <desc> | |
71 | ## <p> | |
72 | ## Create, read, write, and delete the mdadm pid files. | |
73 | ## </p> | |
74 | ## <p> | |
75 | ## Added for use in the init module. | |
76 | ## </p> | |
77 | ## </desc> | |
78 | ## <param name="domain"> | |
885b83ec | 79 | ## <summary> |
a0546c9d | 80 | ## Domain allowed access. |
885b83ec | 81 | ## </summary> |
a5f339f1 CP |
82 | ## </param> |
83 | # | |
84 | interface(`raid_manage_mdadm_pid',` | |
85 | gen_require(` | |
86 | type mdadm_var_run_t; | |
a5f339f1 CP |
87 | ') |
88 | ||
89 | # FIXME: maybe should have a type_transition. not | |
90 | # clear what this is doing, from the original | |
91 | # mdadm policy | |
c0868a7a | 92 | allow $1 mdadm_var_run_t:file manage_file_perms; |
a5f339f1 | 93 | ') |