| |
| ## <summary>policy for swtpmcuse</summary> |
| |
| ######################################## |
| ## <summary> |
| ## Execute TEMPLATE in the swtpmcuse domin. |
| ## </summary> |
| ## <param name="domain"> |
| ## <summary> |
| ## Domain allowed to transition. |
| ## </summary> |
| ## </param> |
| # |
| interface(`swtpmcuse_domtrans',` |
| gen_require(` |
| type swtpmcuse_t, swtpmcuse_exec_t; |
| ') |
| |
| corecmd_search_bin($1) |
| domtrans_pattern($1, swtpmcuse_exec_t, swtpmcuse_t) |
| ') |
| |
| ######################################## |
| ## <summary> |
| ## Execute swtpmcuse in the swtpmcuse domain, and |
| ## allow the specified role the swtpmcuse domain. |
| ## </summary> |
| ## <param name="domain"> |
| ## <summary> |
| ## Domain allowed to transition |
| ## </summary> |
| ## </param> |
| ## <param name="role"> |
| ## <summary> |
| ## The role to be allowed the swtpmcuse domain. |
| ## </summary> |
| ## </param> |
| # |
| interface(`swtpmcuse_run',` |
| gen_require(` |
| type swtpmcuse_t; |
| attribute_role swtpmcuse_roles; |
| ') |
| |
| swtpmcuse_domtrans($1) |
| roleattribute $2 swtpmcuse_roles; |
| ') |
| |
| ######################################## |
| ## <summary> |
| ## Role access for swtpmcuse |
| ## </summary> |
| ## <param name="role"> |
| ## <summary> |
| ## Role allowed access |
| ## </summary> |
| ## </param> |
| ## <param name="domain"> |
| ## <summary> |
| ## User domain for the role |
| ## </summary> |
| ## </param> |
| # |
| interface(`swtpmcuse_role',` |
| gen_require(` |
| type swtpmcuse_t; |
| attribute_role swtpmcuse_roles; |
| ') |
| |
| roleattribute $1 swtpmcuse_roles; |
| |
| swtpmcuse_domtrans($2) |
| |
| ps_process_pattern($2, swtpmcuse_t) |
| allow $2 swtpmcuse_t:process { signull signal sigkill }; |
| ') |