1 ## <summary>Finger user information service.</summary>
3 ########################################
5 ## Execute fingerd in the fingerd domain.
7 ## <param name="domain">
9 ## The type of the process performing this action.
13 interface(`finger_domtrans',`
15 type fingerd_t, fingerd_exec_t;
18 domain_auto_trans($1,fingerd_exec_t,fingerd_t)
20 allow $1 fingerd_t:fd use;
21 allow fingerd_t $1:fd use;
22 allow fingerd_t $1:fifo_file rw_file_perms;
23 allow fingerd_t $1:process sigchld;
26 ########################################
28 ## Allow the specified domain to connect to fingerd with a tcp socket.
30 ## <param name="domain">
32 ## Domain allowed access.
36 interface(`finger_tcp_connect',`
41 kernel_tcp_recvfrom($1)
42 allow $1 fingerd_t:tcp_socket { connectto recvfrom };
43 allow fingerd_t $1:tcp_socket { acceptfrom recvfrom };