policy/modules/services/gnomeclock.if

   1 ## <summary>Gnome clock handler for setting the time.</summary>
   2
   3 ########################################
   4 ## <summary>
   5 ##      Execute a domain transition to run gnomeclock.
   6 ## </summary>
   7 ## <param name="domain">
   8 ## <summary>
   9 ##      Domain allowed to transition.
  10 ## </summary>
  11 ## </param>
  12 #
  13 interface(`gnomeclock_domtrans',`
  14         gen_require(`
  15                 type gnomeclock_t, gnomeclock_exec_t;
  16         ')
  17
  18         domtrans_pattern($1, gnomeclock_exec_t, gnomeclock_t)
  19 ')
  20
  21 ########################################
  22 ## <summary>
  23 ##      Execute gnomeclock in the gnomeclock domain, and
  24 ##      allow the specified role the gnomeclock domain.
  25 ## </summary>
  26 ## <param name="domain">
  27 ##      <summary>
  28 ##      Domain allowed to transition.
  29 ##      </summary>
  30 ## </param>
  31 ## <param name="role">
  32 ##      <summary>
  33 ##      Role allowed access.
  34 ##      </summary>
  35 ## </param>
  36 #
  37 interface(`gnomeclock_run',`
  38         gen_require(`
  39                 type gnomeclock_t;
  40         ')
  41
  42         gnomeclock_domtrans($1)
  43         role $2 types gnomeclock_t;
  44 ')
  45
  46 ########################################
  47 ## <summary>
  48 ##      Send and receive messages from
  49 ##      gnomeclock over dbus.
  50 ## </summary>
  51 ## <param name="domain">
  52 ##      <summary>
  53 ##      Domain allowed access.
  54 ##      </summary>
  55 ## </param>
  56 #
  57 interface(`gnomeclock_dbus_chat',`
  58         gen_require(`
  59                 type gnomeclock_t;
  60                 class dbus send_msg;
  61         ')
  62
  63         allow $1 gnomeclock_t:dbus send_msg;
  64         allow gnomeclock_t $1:dbus send_msg;
  65 ')
  66
  67 ########################################
  68 ## <summary>
  69 ##      Do not audit send and receive messages from
  70 ##      gnomeclock over dbus.
  71 ## </summary>
  72 ## <param name="domain">
  73 ##      <summary>
  74 ##      Domain to not audit.
  75 ##      </summary>
  76 ## </param>
  77 #
  78 interface(`gnomeclock_dontaudit_dbus_chat',`
  79         gen_require(`
  80                 type gnomeclock_t;
  81                 class dbus send_msg;
  82         ')
  83
  84         dontaudit $1 gnomeclock_t:dbus send_msg;
  85         dontaudit gnomeclock_t $1:dbus send_msg;
  86 ')