add thumbnailer protection
1
## <summary>Policy for thumb.</summary>
3
4
########################################
## <summary>
##	Execute the thumb executable with a
##	domain transition into the thumb domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed to transition.
##	</summary>
## </param>
#
interface(`thumb_domtrans',`
	gen_require(`
		type thumb_t, thumb_exec_t;
	')

	# The caller moves into thumb_t when it executes a file
	# labeled thumb_exec_t; thumb_exec_t is the entry point type.
	domtrans_pattern($1, thumb_exec_t, thumb_t)

	# Search access on the bin directories - presumably where the
	# thumb_exec_t files are installed; confirm against the file contexts.
	corecmd_search_bin($1)
')
23
24
########################################
## <summary>
##	Execute thumb in the thumb domain, and
##	authorize the specified role for the thumb domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed to transition.
##	</summary>
## </param>
## <param name="role">
##	<summary>
##	Role to be authorized for the thumb domain.
##	</summary>
## </param>
#
interface(`thumb_run',`
	gen_require(`
		type thumb_t;
	')

	# The role has to be authorized for thumb_t, otherwise the
	# security context reached by the transition is not valid for it.
	role $2 types thumb_t;

	# Argument order here is domain first, then role.
	thumb_domtrans($1)
')
49
########################################
## <summary>
##	Role access for thumb.
## </summary>
## <param name="role">
##	<summary>
##	Role allowed access.
##	</summary>
## </param>
## <param name="domain">
##	<summary>
##	User domain for the role.
##	</summary>
## </param>
#
interface(`thumb_role',`
	gen_require(`
		type thumb_t;
	')

	# Argument order is role first, then user domain - the reverse
	# of thumb_run, so callers must not swap the two.
	thumb_domtrans($2)
	role $1 types thumb_t;

	# Only the generic signal permission is granted; sigkill, sigstop,
	# signull and sigchld are separate process permissions and are
	# not part of this rule.
	allow $2 thumb_t:process signal;

	# ps_process_pattern is defined outside this file - presumably it
	# lets the user domain see thumb_t processes in ps output; confirm
	# against the support macros.
	ps_process_pattern($2, thumb_t)
')
77