]>
Commit | Line | Data |
---|---|---|
4483ee84 CP |
1 | ## <summary>Advanced power management daemon</summary> |
2 | ||
3 | ######################################## | |
4 | ## <summary> | |
5 | ## Execute APM in the apm domain. | |
6 | ## </summary> | |
7 | ## <param name="domain"> | |
885b83ec | 8 | ## <summary> |
4483ee84 | 9 | ## Domain allowed access. |
885b83ec | 10 | ## </summary> |
4483ee84 CP |
11 | ## </param> |
12 | # | |
13 | interface(`apm_domtrans_client',` | |
14 | gen_require(` | |
15 | type apm_t, apm_exec_t; | |
16 | ') | |
17 | ||
18 | corecmd_search_bin($1) | |
19 | domain_auto_trans($1,apm_exec_t,apm_t) | |
20 | ||
21 | allow $1 apm_t:fd use; | |
22 | allow apm_t $1:fd use; | |
23 | allow apm_t $1:fifo_file rw_file_perms; | |
24 | allow apm_t $1:process sigchld; | |
25 | ') | |
26 | ||
27 | ######################################## | |
28 | ## <summary> | |
29 | ## Use file descriptors for apmd. | |
30 | ## </summary> | |
31 | ## <param name="domain"> | |
885b83ec | 32 | ## <summary> |
4483ee84 | 33 | ## The type of the process performing this action. |
885b83ec | 34 | ## </summary> |
4483ee84 CP |
35 | ## </param> |
36 | # | |
1c1ac67f | 37 | interface(`apm_use_fds',` |
4483ee84 CP |
38 | gen_require(` |
39 | type apmd_t; | |
40 | ') | |
41 | ||
42 | allow $1 apmd_t:fd use; | |
43 | ') | |
44 | ||
45 | ######################################## | |
46 | ## <summary> | |
47 | ## Write to apmd unnamed pipes. | |
48 | ## </summary> | |
49 | ## <param name="domain"> | |
885b83ec | 50 | ## <summary> |
4483ee84 | 51 | ## The type of the process performing this action. |
885b83ec | 52 | ## </summary> |
4483ee84 CP |
53 | ## </param> |
54 | # | |
1815bad1 | 55 | interface(`apm_write_pipes',` |
4483ee84 CP |
56 | gen_require(` |
57 | type apmd_t; | |
58 | ') | |
59 | ||
60 | allow $1 apmd_t:fifo_file write; | |
61 | ') | |
62 | ||
63 | ######################################## | |
64 | ## <summary> | |
65 | ## Read and write to an apm unix stream socket. | |
66 | ## </summary> | |
67 | ## <param name="domain"> | |
885b83ec | 68 | ## <summary> |
4483ee84 | 69 | ## Domain allowed access. |
885b83ec | 70 | ## </summary> |
4483ee84 CP |
71 | ## </param> |
72 | # | |
1815bad1 | 73 | interface(`apm_rw_stream_sockets',` |
4483ee84 CP |
74 | gen_require(` |
75 | type apmd_t; | |
76 | ') | |
77 | ||
78 | allow $1 apmd_t:unix_stream_socket { read write }; | |
79 | ') | |
80 | ||
81 | ######################################## | |
82 | ## <summary> | |
83 | ## Append to apm's log file. | |
84 | ## </summary> | |
85 | ## <param name="domain"> | |
885b83ec | 86 | ## <summary> |
4483ee84 | 87 | ## Domain allowed access. |
885b83ec | 88 | ## </summary> |
4483ee84 CP |
89 | ## </param> |
90 | # | |
91 | interface(`apm_append_log',` | |
92 | gen_require(` | |
93 | type apmd_log_t; | |
94 | ') | |
95 | ||
96 | logging_search_logs($1) | |
97 | allow $1 apmd_log_t:file append; | |
98 | ') | |
725926c5 CP |
99 | |
100 | ######################################## | |
101 | ## <summary> | |
102 | ## Connect to apmd over an unix stream socket. | |
103 | ## </summary> | |
104 | ## <param name="domain"> | |
885b83ec | 105 | ## <summary> |
725926c5 | 106 | ## Domain allowed access. |
885b83ec | 107 | ## </summary> |
725926c5 CP |
108 | ## </param> |
109 | # | |
110 | interface(`apm_stream_connect',` | |
111 | gen_require(` | |
9fd4b818 | 112 | type apmd_t, apmd_var_run_t; |
725926c5 CP |
113 | ') |
114 | ||
115 | files_search_pids($1) | |
116 | allow $1 apmd_var_run_t:sock_file write; | |
117 | allow $1 apmd_t:unix_stream_socket connectto; | |
118 | ') |