userdom_admin_home_dir_filetrans($1, gstreamer_home_t, dir, .gstreamer-10)
userdom_admin_home_dir_filetrans($1, gstreamer_home_t, dir, .gstreamer-12)
')
+######################################
+## <summary>
+## Execute gnome-keyring executable
+## in the specified domain.
+## </summary>
+## <desc>
+## <p>
+## Execute a telepathy executable
+## in the specified domain. This allows
+## the specified domain to execute any file
+## on these filesystems in the specified
+## domain.
+## </p>
+## <p>
+## No interprocess communication (signals, pipes,
+## etc.) is provided by this interface since
+## the domains are not owned by this module.
+## </p>
+## <p>
+## This interface was added to handle
+## the ssh-agent policy.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed to transition.
+## </summary>
+## </param>
+## <param name="target_domain">
+## <summary>
+## The type of the new process.
+## </summary>
+## </param>
+#
+interface(`gnome_command_domtrans_gkeyringd', `
+ gen_require(`
+ type gkeyringd_exec_t;
+ ')
+
+ allow $2 gkeyringd_exec_t:file entrypoint;
+ domain_transition_pattern($1, gkeyringd_exec_t, $2)
+ type_transition $1 gkeyringd_exec_t:process $2;
+')
template(`telepathy_dbus_session_role', `
gen_require(`
attribute telepathy_domain;
+ type telepathy_gabble_t;
+ type telepathy_sofiasip_t;
+ type telepathy_idle_t;
+ type telepathy_mission_control_t;
+ type telepathy_salut_t;
+ type telepathy_sunshine_t;
+ type telepathy_stream_engine_t;
+ type telepathy_msn_t;
+ type telepathy_gabble_exec_t;
+ type telepathy_sofiasip_exec_t;
+ type telepathy_idle_exec_t;
+ type telepathy_mission_control_exec_t;
+ type telepathy_salut_exec_t;
+ type telepathy_sunshine_exec_t;
+ type telepathy_stream_engine_exec_t;
+ type telepathy_msn_exec_t;
')
role $1 types telepathy_domain;
telepathy_gabble_stream_connect($2)
telepathy_msn_stream_connect($2)
telepathy_salut_stream_connect($2)
+
+ dbus_session_domain($3, telepathy_gabble_exec_t, telepathy_gabble_t)
+ dbus_session_domain($3, telepathy_sofiasip_exec_t, telepathy_sofiasip_t)
+ dbus_session_domain($3, telepathy_idle_exec_t, telepathy_idle_t)
+ dbus_session_domain($3, telepathy_mission_control_exec_t, telepathy_mission_control_t)
+ dbus_session_domain($3, telepathy_salut_exec_t, telepathy_salut_t)
+ dbus_session_domain($3, telepathy_sunshine_exec_t, telepathy_sunshine_t)
+ dbus_session_domain($3, telepathy_stream_engine_exec_t, telepathy_stream_engine_t)
+ dbus_session_domain($3, telepathy_msn_exec_t, telepathy_msn_t)
+
')
########################################
ps_process_pattern($1, telepathy_mission_control_t)
')
+#######################################
+## <summary>
+## Execute telepathy executable
+## in the specified domain.
+## </summary>
+## <desc>
+## <p>
+## Execute a telepathy executable
+## in the specified domain. This allows
+## the specified domain to execute any file
+## on these filesystems in the specified
+## domain.
+## </p>
+## <p>
+## No interprocess communication (signals, pipes,
+## etc.) is provided by this interface since
+## the domains are not owned by this module.
+## </p>
+## <p>
+## This interface was added to handle
+## the ssh-agent policy.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed to transition.
+## </summary>
+## </param>
+## <param name="target_domain">
+## <summary>
+## The type of the new process.
+## </summary>
+## </param>
+#
+interface(`telepathy_command_domtrans', `
+ gen_require(`
+ attribute telepathy_executable;
+ ')
+
+ allow $2 telepathy_executable:file entrypoint;
+ domain_transition_pattern($1, telepathy_executable, $2)
+ type_transition $1 telepathy_executable:process $2;
+
+ # needs to dbus chat with unconfined_t and unconfined_dbusd_t
+ optional_policy(`
+ telepathy_dbus_chat($1)
+ telepathy_dbus_chat($2)
+ ')
+')
projects / people / stevee / selinux-policy.git / commitdiff
