| ############################################################################### |
| # |
| # Copyright (C) 2006 Red Hat, Inc. All Rights Reserved. |
| # Written by David Howells (dhowells@redhat.com) |
| # Karl MacMillan (kmacmill@redhat.com) |
| # |
| # This program is free software; you can redistribute it and/or |
| # modify it under the terms of the GNU General Public License |
| # as published by the Free Software Foundation; either version |
| # 2 of the License, or (at your option) any later version. |
| # |
| ############################################################################### |
| |
| # |
| # Define the policy interface for the CacheFiles userspace management daemon. |
| # |
| |
| ## <summary>policy for cachefilesd</summary> |
| |
| ######################################## |
| ## <summary> |
| ## Execute a domain transition to run cachefilesd. |
| ## </summary> |
| ## <param name="domain"> |
| ## <summary> |
| ## Domain allowed to transition. |
| ## </summary> |
| ## </param> |
| # |
| interface(`cachefilesd_domtrans',` |
| gen_require(` |
| type cachefilesd_t, cachefilesd_exec_t; |
| ') |
| |
| domain_auto_trans($1,cachefilesd_exec_t,cachefilesd_t) |
| |
| allow $1 cachefilesd_t:fd use; |
| allow cachefilesd_t $1:fd use; |
| allow cachefilesd_t $1:fifo_file rw_file_perms; |
| allow cachefilesd_t $1:process sigchld; |
| ') |