1 ## <summary>Policy for getty.</summary>
3 ########################################
5 ## Execute gettys in the getty domain.
7 ## <param name="domain">
9 ## Domain allowed access.
13 interface(`getty_domtrans',`
15 type getty_t, getty_exec_t;
18 corecmd_search_bin($1)
19 domtrans_pattern($1, getty_exec_t, getty_t)
22 ########################################
24 ## Inherit and use getty file descriptors.
26 ## <param name="domain">
28 ## Domain allowed access.
32 interface(`getty_use_fds',`
37 allow $1 getty_t:fd use;
40 ########################################
42 ## Allow process to read getty log file.
44 ## <param name="domain">
46 ## Domain allowed access.
51 interface(`getty_read_log',`
56 logging_search_logs($1)
57 allow $1 getty_log_t:file read_file_perms;
60 ########################################
62 ## Allow process to read getty config file.
64 ## <param name="domain">
66 ## Domain allowed access.
71 interface(`getty_read_config',`
77 allow $1 getty_etc_t:file read_file_perms;
80 ########################################
82 ## Allow process to edit getty config file.
84 ## <param name="domain">
86 ## Domain allowed access.
91 interface(`getty_rw_config',`
97 allow $1 getty_etc_t:file rw_file_perms;