policy/modules/services/zosremote.if

   1 ## <summary>policy for z/OS Remote-services Audit dispatcher plugin</summary>
   2
   3 ########################################
   4 ## <summary>
   5 ##      Execute a domain transition to run audispd-zos-remote.
   6 ## </summary>
   7 ## <param name="domain">
   8 ##      <summary>
   9 ##      Domain allowed to transition.
  10 ##      </summary>
  11 ## </param>
  12 #
  13 interface(`zosremote_domtrans',`
  14         gen_require(`
  15                 type zos_remote_t, zos_remote_exec_t;
  16         ')
  17
  18         domtrans_pattern($1, zos_remote_exec_t, zos_remote_t)
  19 ')
  20
  21 ########################################
  22 ## <summary>
  23 ##      Allow specified type and role to transition and
  24 ##      run in the zos_remote_t domain. Allow specified type
  25 ##      to use zos_remote_t terminal.
  26 ## </summary>
  27 ## <param name="domain">
  28 ##      <summary>
  29 ##      Domain allowed to transition.
  30 ##      </summary>
  31 ## </param>
  32 ## <param name="role">
  33 ##      <summary>
  34 ##      Role allowed access.
  35 ##      </summary>
  36 ## </param>
  37 ## <rolecap/>
  38 #
  39 interface(`zosremote_run',`
  40         gen_require(`
  41                 type zos_remote_t;
  42         ')
  43
  44         zosremote_domtrans($1)
  45         role $2 types zos_remote_t;
  46 ')