1 ## <summary>Tools for filesystem management, such as mkfs and fsck.</summary>
3 ########################################
5 ## Execute fs tools in the fstools domain.
7 ## <param name="domain">
9 ## The type of the process performing this action.
13 interface(`fstools_domtrans',`
15 type fsadm_t, fsadm_exec_t;
18 corecmd_search_bin($1)
19 domtrans_pattern($1, fsadm_exec_t, fsadm_t)
22 ########################################
24 ## Execute fs tools in the fstools domain, and
25 ## allow the specified role the fs tools domain.
27 ## <param name="domain">
29 ## The type of the process performing this action.
32 ## <param name="role">
34 ## The role to be allowed the fs tools domain.
39 interface(`fstools_run',`
45 role $2 types fsadm_t;
48 ########################################
50 ## Execute fsadm in the caller domain.
52 ## <param name="domain">
54 ## The type of the process performing this action.
58 interface(`fstools_exec',`
63 can_exec($1, fsadm_exec_t)
66 ########################################
68 ## Send signal to fsadm process
70 ## <param name="domain">
72 ## Domain allowed access.
76 interface(`fstools_signal',`
81 allow $1 fsadm_t:process signal;
84 ########################################
86 ## Read fstools unnamed pipes.
88 ## <param name="domain">
90 ## Domain allowed access.
94 interface(`fstools_read_pipes',`
99 allow $1 fsadm_t:fifo_file read_fifo_file_perms;
102 ########################################
104 ## Relabel a file to the type used by the
105 ## filesystem tools programs.
107 ## <param name="domain">
109 ## The type of the process performing this action.
113 interface(`fstools_relabelto_entry_files',`
118 allow $1 fsadm_exec_t:file relabelto;
121 ########################################
123 ## Create, read, write, and delete a file used by the
124 ## filesystem tools programs.
126 ## <param name="domain">
128 ## The type of the process performing this action.
132 interface(`fstools_manage_entry_files',`
137 allow $1 fsadm_exec_t:file manage_file_perms;
140 ########################################
144 ## <param name="domain">
146 ## The type of the process performing this action.
150 interface(`fstools_getattr_swap_files',`
155 allow $1 swapfile_t:file getattr;