1 ## <summary>Smart disk monitoring daemon policy</summary>
3 #######################################
5 ## Allow caller to read smartmon temporary files.
7 ## <param name="domain">
9 ## Domain allowed access.
13 interface(`smartmon_read_tmp_files',`
19 allow $1 fsdaemon_tmp_t:file read_file_perms;
22 ########################################
24 ## All of the rules required to administrate
25 ## an smartmon environment
27 ## <param name="domain">
29 ## Domain allowed access.
32 ## <param name="role">
34 ## Role allowed access.
39 interface(`smartmon_admin',`
41 type fsdaemon_t, fsdaemon_tmp_t, fsdaemon_var_run_t;
42 type fsdaemon_initrc_exec_t;
45 allow $1 fsdaemon_t:process signal_perms;
46 ps_process_pattern($1, fsdaemon_t)
47 tunable_policy(`deny_ptrace',`',`
48 allow $1 smartmon_t:process ptrace;
51 init_labeled_script_domtrans($1, fsdaemon_initrc_exec_t)
52 domain_system_change_exemption($1)
53 role_transition $2 fsdaemon_initrc_exec_t system_r;
57 admin_pattern($1, fsdaemon_tmp_t)
60 admin_pattern($1, fsdaemon_var_run_t)