1 ## <summary>Smart disk monitoring daemon policy</summary>
3 #######################################
5 ## Allow caller to read smartmon temporary files.
7 ## <param name="domain">
9 ## Domain allowed access.
13 interface(`smartmon_read_tmp_files',`
18 allow $1 fsdaemon_tmp_t:file read_file_perms;
21 ########################################
23 ## All of the rules required to administrate
24 ## an smartmon environment
26 ## <param name="domain">
28 ## Domain allowed access.
31 ## <param name="role">
33 ## Role allowed access.
38 interface(`smartmon_admin',`
40 type fsdaemon_t, fsdaemon_tmp_t, fsdaemon_var_run_t;
41 type fsdaemon_initrc_exec_t;
44 allow $1 fsdaemon_t:process { ptrace signal_perms getattr };
45 ps_process_pattern($1, fsdaemon_t)
47 init_labeled_script_domtrans($1, fsdaemon_initrc_exec_t)
48 domain_system_change_exemption($1)
49 role_transition $2 fsdaemon_initrc_exec_t system_r;
53 admin_pattern($1, fsdaemon_tmp_t)
56 admin_pattern($1, fsdaemon_var_run_t)