policy/modules/services/gpsd.if

   1 ## <summary>gpsd monitor daemon</summary>
   2
   3 ########################################
   4 ## <summary>
   5 ##      Execute a domain transition to run gpsd.
   6 ## </summary>
   7 ## <param name="domain">
   8 ## <summary>
   9 ##      Domain allowed to transition.
  10 ## </summary>
  11 ## </param>
  12 #
  13 interface(`gpsd_domtrans',`
  14         gen_require(`
  15                 type gpsd_t, gpsd_exec_t;
  16         ')
  17
  18         domtrans_pattern($1, gpsd_exec_t, gpsd_t)
  19 ')
  20
  21 ########################################
  22 ## <summary>
  23 ##      Execute gpsd in the gpsd domain, and
  24 ##      allow the specified role the gpsd domain.
  25 ## </summary>
  26 ## <param name="domain">
  27 ##      <summary>
  28 ##      Domain allowed to transition.
  29 ##      </summary>
  30 ## </param>
  31 ## <param name="role">
  32 ##      <summary>
  33 ##      Role allowed access.
  34 ##      </summary>
  35 ## </param>
  36 #
  37 interface(`gpsd_run',`
  38         gen_require(`
  39                 type gpsd_t;
  40         ')
  41
  42         gpsd_domtrans($1)
  43         role $2 types gpsd_t;
  44 ')
  45
  46 ########################################
  47 ## <summary>
  48 ##      Read and write gpsd shared memory.
  49 ## </summary>
  50 ## <param name="domain">
  51 ##      <summary>
  52 ##      Domain allowed access.
  53 ##      </summary>
  54 ## </param>
  55 #
  56 interface(`gpsd_rw_shm',`
  57         gen_require(`
  58                 type gpsd_t, gpsd_tmpfs_t;
  59         ')
  60
  61         allow $1 gpsd_t:shm rw_shm_perms;
  62         allow $1 gpsd_tmpfs_t:dir list_dir_perms;
  63         rw_files_pattern($1, gpsd_tmpfs_t, gpsd_tmpfs_t)
  64         read_lnk_files_pattern($1, gpsd_tmpfs_t, gpsd_tmpfs_t)
  65         fs_search_tmpfs($1)
  66 ')