]> git.ipfire.org Git - people/stevee/selinux-policy.git/blob - policy/modules/services/gpsd.if
projects / people / stevee / selinux-policy.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
trunk: whitespace fixes
[people/stevee/selinux-policy.git] / policy / modules / services / gpsd.if
1 ## <summary>gpsd monitor daemon</summary>
2
3 ########################################
4 ## <summary>
5 ## Execute a domain transition to run gpsd.
6 ## </summary>
7 ## <param name="domain">
8 ## <summary>
9 ## Domain allowed to transition.
10 ## </summary>
11 ## </param>
12 #
13 interface(`gpsd_domtrans',`
14 gen_require(`
15 type gpsd_t, gpsd_exec_t;
16 ')
17
18 domtrans_pattern($1, gpsd_exec_t, gpsd_t)
19 ')
20
21 ########################################
22 ## <summary>
23 ## Execute gpsd in the gpsd domain, and
24 ## allow the specified role the gpsd domain.
25 ## </summary>
26 ## <param name="domain">
27 ## <summary>
28 ## Domain allowed access
29 ## </summary>
30 ## </param>
31 ## <param name="role">
32 ## <summary>
33 ## The role to be allowed the gpsd domain.
34 ## </summary>
35 ## </param>
36 ## <param name="terminal">
37 ## <summary>
38 ## The type of the role's terminal.
39 ## </summary>
40 ## </param>
41 #
42 interface(`gpsd_run',`
43 gen_require(`
44 type gpsd_t;
45 ')
46
47 gpsd_domtrans($1)
48 role $2 types gpsd_t;
49 allow gpsd_t $3:chr_file rw_term_perms;
50 ')
51
52 ########################################
53 ## <summary>
54 ## Read and write gpsd shared memory.
55 ## </summary>
56 ## <param name="domain">
57 ## <summary>
58 ## Domain allowed access.
59 ## </summary>
60 ## </param>
61 #
62 interface(`gpsd_rw_shm',`
63 gen_require(`
64 type gpsd_t, gpsd_tmpfs_t;
65 ')
66
67 allow $1 gpsd_t:shm rw_shm_perms;
68 allow $1 gpsd_tmpfs_t:dir list_dir_perms;
69 rw_files_pattern($1, gpsd_tmpfs_t, gpsd_tmpfs_t)
70 read_lnk_files_pattern($1, gpsd_tmpfs_t, gpsd_tmpfs_t)
71 fs_search_tmpfs($1)
72 ')
The IPFire selinux policy.