← Back to branch summary

~ubuntu-branches/ubuntu/natty/refpolicy-ubuntu/natty

~ubuntu-branches/ubuntu/natty/refpolicy-ubuntu/natty

« back to all changes in this revision

Viewing changes to .pc/devkit.patch/policy/modules/services/devicekit.if

Committer: Bazaar Package Importer
Author(s): Kees Cook
Date: 2010-04-22 17:10:43 UTC
mfrom: (1.1.2 upstream)
Revision ID: james.westby@ubuntu.com-20100422171043-khrw2m21gser7icb

Tags: 0.2.20091117-0ubuntu1

https://launchpad.net/bugs/568744

* New upstream release, converted to source format 3.
* Updated Ubuntu-specific patches thanks to Steve Lawrence (LP: #568744).
* Extracted Makefile change to debian/patches/bashisms.patch.

files added:
.pc

.pc/.version

.pc/applied-patches

.pc/apt.patch

.pc/apt.patch/policy

.pc/apt.patch/policy/modules

.pc/apt.patch/policy/modules/admin

.pc/apt.patch/policy/modules/admin/apt.fc

.pc/apt.patch/policy/modules/admin/apt.te

.pc/avahi.patch

.pc/avahi.patch/policy

.pc/avahi.patch/policy/modules

.pc/avahi.patch/policy/modules/services

.pc/avahi.patch/policy/modules/services/avahi.fc

.pc/avahi.patch/policy/modules/services/avahi.te

.pc/bashisms.patch

.pc/bashisms.patch/Makefile

.pc/bluetooth.patch

.pc/bluetooth.patch/policy

.pc/bluetooth.patch/policy/modules

.pc/bluetooth.patch/policy/modules/services

.pc/bluetooth.patch/policy/modules/services/bluetooth.te

.pc/conf.patch

.pc/conf.patch/build.conf

.pc/conf.patch/config

.pc/conf.patch/config/appconfig-mcs

.pc/conf.patch/config/appconfig-mcs/seusers

.pc/conf.patch/policy

.pc/conf.patch/policy/booleans.conf

.pc/consolekit.patch

.pc/consolekit.patch/policy

.pc/consolekit.patch/policy/modules

.pc/consolekit.patch/policy/modules/services

.pc/consolekit.patch/policy/modules/services/consolekit.if

.pc/consolekit.patch/policy/modules/services/consolekit.te

.pc/corecommands.patch

.pc/corecommands.patch/policy

.pc/corecommands.patch/policy/modules

.pc/corecommands.patch/policy/modules/kernel

.pc/corecommands.patch/policy/modules/kernel/corecommands.fc

.pc/cron.patch

.pc/cron.patch/policy

.pc/cron.patch/policy/modules

.pc/cron.patch/policy/modules/services

.pc/cron.patch/policy/modules/services/cron.te

.pc/cups.patch

.pc/cups.patch/policy

.pc/cups.patch/policy/modules

.pc/cups.patch/policy/modules/services

.pc/cups.patch/policy/modules/services/cups.te

.pc/dbus.patch

.pc/dbus.patch/policy

.pc/dbus.patch/policy/modules

.pc/dbus.patch/policy/modules/services

.pc/dbus.patch/policy/modules/services/dbus.fc

.pc/dbus.patch/policy/modules/services/dbus.if

.pc/dbus.patch/policy/modules/services/dbus.te

.pc/devkit.patch

.pc/devkit.patch/policy

.pc/devkit.patch/policy/modules

.pc/devkit.patch/policy/modules/services

.pc/devkit.patch/policy/modules/services/devicekit.fc

.pc/devkit.patch/policy/modules/services/devicekit.if

.pc/devkit.patch/policy/modules/services/devicekit.te

.pc/devtmpfs.patch

.pc/devtmpfs.patch/policy

.pc/devtmpfs.patch/policy/modules

.pc/devtmpfs.patch/policy/modules/kernel

.pc/devtmpfs.patch/policy/modules/kernel/filesystem.te

.pc/fstools.patch

.pc/fstools.patch/policy

.pc/fstools.patch/policy/modules

.pc/fstools.patch/policy/modules/system

.pc/fstools.patch/policy/modules/system/fstools.te

.pc/gnome.patch

.pc/gnome.patch/policy

.pc/gnome.patch/policy/modules

.pc/gnome.patch/policy/modules/services

.pc/gnome.patch/policy/modules/services/gnomeclock.fc

.pc/gnome.patch/policy/modules/services/gnomeclock.te

.pc/hal.patch

.pc/hal.patch/policy

.pc/hal.patch/policy/modules

.pc/hal.patch/policy/modules/services

.pc/hal.patch/policy/modules/services/hal.te

.pc/init.patch

.pc/init.patch/policy

.pc/init.patch/policy/modules

.pc/init.patch/policy/modules/system

.pc/init.patch/policy/modules/system/init.fc

.pc/init.patch/policy/modules/system/init.if

.pc/init.patch/policy/modules/system/init.te

.pc/kernel.patch

.pc/kernel.patch/policy

.pc/kernel.patch/policy/modules

.pc/kernel.patch/policy/modules/kernel

.pc/kernel.patch/policy/modules/kernel/kernel.te

.pc/libraries.patch

.pc/libraries.patch/policy

.pc/libraries.patch/policy/modules

.pc/libraries.patch/policy/modules/system

.pc/libraries.patch/policy/modules/system/libraries.fc

.pc/locallogin.patch

.pc/locallogin.patch/policy

.pc/locallogin.patch/policy/modules

.pc/locallogin.patch/policy/modules/system

.pc/locallogin.patch/policy/modules/system/locallogin.te

.pc/modemmanager.patch

.pc/modemmanager.patch/policy

.pc/modemmanager.patch/policy/modules

.pc/modemmanager.patch/policy/modules/services

.pc/modemmanager.patch/policy/modules/services/modemmanager.te

.pc/mount.patch

.pc/mount.patch/policy

.pc/mount.patch/policy/modules

.pc/mount.patch/policy/modules/system

.pc/mount.patch/policy/modules/system/mount.fc

.pc/mount.patch/policy/modules/system/mount.te

.pc/networkmanager.patch

.pc/networkmanager.patch/policy

.pc/networkmanager.patch/policy/modules

.pc/networkmanager.patch/policy/modules/services

.pc/networkmanager.patch/policy/modules/services/networkmanager.fc

.pc/networkmanager.patch/policy/modules/services/networkmanager.te

.pc/policykit.patch

.pc/policykit.patch/policy

.pc/policykit.patch/policy/modules

.pc/policykit.patch/policy/modules/services

.pc/policykit.patch/policy/modules/services/policykit.fc

.pc/policykit.patch/policy/modules/services/policykit.if

.pc/policykit.patch/policy/modules/services/policykit.te

.pc/rtkit.patch

.pc/rtkit.patch/policy

.pc/rtkit.patch/policy/modules

.pc/rtkit.patch/policy/modules/services

.pc/rtkit.patch/policy/modules/services/rtkit.fc

.pc/rtkit.patch/policy/modules/services/rtkit.te

.pc/ssh.patch

.pc/ssh.patch/policy

.pc/ssh.patch/policy/modules

.pc/ssh.patch/policy/modules/services

.pc/ssh.patch/policy/modules/services/ssh.fc

.pc/ssh.patch/policy/modules/services/ssh.te

.pc/sysnetwork.patch

.pc/sysnetwork.patch/policy

.pc/sysnetwork.patch/policy/modules

.pc/sysnetwork.patch/policy/modules/system

.pc/sysnetwork.patch/policy/modules/system/sysnetwork.fc

.pc/sysnetwork.patch/policy/modules/system/sysnetwork.if

.pc/sysnetwork.patch/policy/modules/system/sysnetwork.te

.pc/udev.patch

.pc/udev.patch/policy

.pc/udev.patch/policy/modules

.pc/udev.patch/policy/modules/system

.pc/udev.patch/policy/modules/system/udev.te

.pc/unconfined.patch

.pc/unconfined.patch/policy

.pc/unconfined.patch/policy/modules

.pc/unconfined.patch/policy/modules/system

.pc/unconfined.patch/policy/modules/system/unconfined.te

.pc/userdomain.patch

.pc/userdomain.patch/policy

.pc/userdomain.patch/policy/modules

.pc/userdomain.patch/policy/modules/system

.pc/userdomain.patch/policy/modules/system/userdomain.fc

.pc/userdomain.patch/policy/modules/system/userdomain.if

.pc/usermanage.patch

.pc/usermanage.patch/policy

.pc/usermanage.patch/policy/modules

.pc/usermanage.patch/policy/modules/admin

.pc/usermanage.patch/policy/modules/admin/usermanage.fc

.pc/usermanage.patch/policy/modules/admin/usermanage.te

.pc/users.patch

.pc/users.patch/policy

.pc/users.patch/policy/users

.pc/xserver.patch

.pc/xserver.patch/policy

.pc/xserver.patch/policy/modules

.pc/xserver.patch/policy/modules/services

.pc/xserver.patch/policy/modules/services/xserver.fc

.pc/xserver.patch/policy/modules/services/xserver.te

debian/patches/apt.patch

debian/patches/bashisms.patch

debian/patches/devkit.patch

debian/patches/gnome.patch

debian/patches/modemmanager.patch

debian/patches/old/polkit.patch

debian/patches/old/search_dir_open.patch

debian/patches/policykit.patch

debian/patches/rtkit.patch

debian/source

debian/source/format

policy/modules/admin/shorewall.fc

policy/modules/admin/shorewall.if

policy/modules/admin/shorewall.te

policy/modules/apps/gitosis.fc

policy/modules/apps/gitosis.if

policy/modules/apps/gitosis.te

policy/modules/apps/ptchown.fc

policy/modules/apps/ptchown.if

policy/modules/apps/ptchown.te

policy/modules/apps/seunshare.fc

policy/modules/apps/seunshare.if

policy/modules/apps/seunshare.te

policy/modules/apps/xscreensaver.fc

policy/modules/apps/xscreensaver.if

policy/modules/apps/xscreensaver.te

policy/modules/services/abrt.fc

policy/modules/services/abrt.if

policy/modules/services/abrt.te

policy/modules/services/dkim.fc

policy/modules/services/dkim.if

policy/modules/services/dkim.te

policy/modules/services/gnomeclock.fc

policy/modules/services/gnomeclock.if

policy/modules/services/gnomeclock.te

policy/modules/services/hddtemp.fc

policy/modules/services/hddtemp.if

policy/modules/services/hddtemp.te

policy/modules/services/modemmanager.fc

policy/modules/services/modemmanager.if

policy/modules/services/modemmanager.te

policy/modules/services/nslcd.fc

policy/modules/services/nslcd.if

policy/modules/services/nslcd.te

policy/modules/services/puppet.fc

policy/modules/services/puppet.if

policy/modules/services/puppet.te

policy/modules/services/rtkit.fc

policy/modules/services/rtkit.if

policy/modules/services/rtkit.te

policy/modules/services/tgtd.fc

policy/modules/services/tgtd.if

policy/modules/services/tgtd.te

policy/modules/services/tuned.fc

policy/modules/services/tuned.if

policy/modules/services/tuned.te

policy/modules/system/kdump.fc

policy/modules/system/kdump.if

policy/modules/system/kdump.te

support/divert.m4

support/undivert.m4

files removed:
.bzr-builddeb

.bzr-builddeb/default.conf

debian/patches/polkit.patch

debian/patches/search_dir_open.patch

files modified:
Changelog

Makefile

Rules.monolithic

VERSION

build.conf

config/appconfig-mcs/seusers

debian/changelog

debian/control

debian/patches/avahi.patch

debian/patches/bluetooth.patch

debian/patches/conf.patch

debian/patches/consolekit.patch

debian/patches/corecommands.patch

debian/patches/cron.patch

debian/patches/cups.patch

debian/patches/dbus.patch

debian/patches/devtmpfs.patch

debian/patches/dhcp.patch

debian/patches/fstools.patch

debian/patches/hal.patch

debian/patches/init.patch

debian/patches/kernel.patch

debian/patches/libraries.patch

debian/patches/locallogin.patch

debian/patches/mount.patch

debian/patches/networkmanager.patch

debian/patches/series

debian/patches/ssh.patch

debian/patches/sysnetwork.patch

debian/patches/udev.patch

debian/patches/unconfined.patch

debian/patches/userdomain.patch

debian/patches/usermanage.patch

debian/patches/users.patch

debian/patches/xserver.patch

debian/rules

debian/selinux-policy-ubuntu.postinst

debian/selinux-policy-ubuntu.postrm

doc/policy.xml

man/man8/rsync_selinux.8

man/man8/samba_selinux.8

policy/booleans.conf

policy/constraints

policy/flask/access_vectors

policy/flask/security_classes

policy/mcs

policy/modules.conf

policy/modules/admin/acct.te

policy/modules/admin/alsa.te

policy/modules/admin/amanda.te

policy/modules/admin/apt.fc

policy/modules/admin/apt.te

policy/modules/admin/backup.te

policy/modules/admin/bootloader.te

policy/modules/admin/brctl.te

policy/modules/admin/certwatch.te

policy/modules/admin/consoletype.te

policy/modules/admin/dpkg.te

policy/modules/admin/firstboot.te

policy/modules/admin/kismet.if

policy/modules/admin/kismet.te

policy/modules/admin/logrotate.te

policy/modules/admin/logwatch.te

policy/modules/admin/mrtg.te

policy/modules/admin/netutils.te

policy/modules/admin/portage.te

policy/modules/admin/prelink.if

policy/modules/admin/prelink.te

policy/modules/admin/readahead.te

policy/modules/admin/rpm.te

policy/modules/admin/su.te

policy/modules/admin/sudo.if

policy/modules/admin/sudo.te

policy/modules/admin/sxid.te

policy/modules/admin/tmpreaper.te

policy/modules/admin/usermanage.fc

policy/modules/admin/usermanage.te

policy/modules/admin/vbetool.te

policy/modules/admin/vpn.te

policy/modules/apps/ada.te

policy/modules/apps/awstats.te

policy/modules/apps/calamaris.te

policy/modules/apps/cdrecord.te

policy/modules/apps/cpufreqselector.te

policy/modules/apps/evolution.te

policy/modules/apps/games.te

policy/modules/apps/gift.te

policy/modules/apps/gpg.if

policy/modules/apps/gpg.te

policy/modules/apps/irc.te

policy/modules/apps/java.if

policy/modules/apps/java.te

policy/modules/apps/loadkeys.te

policy/modules/apps/mozilla.te

policy/modules/apps/mplayer.te

policy/modules/apps/podsleuth.te

policy/modules/apps/pulseaudio.if

policy/modules/apps/pulseaudio.te

policy/modules/apps/qemu.if

policy/modules/apps/qemu.te

policy/modules/apps/screen.if

policy/modules/apps/screen.te

policy/modules/apps/slocate.te

policy/modules/apps/thunderbird.te

policy/modules/apps/uml.te

policy/modules/apps/vmware.fc

policy/modules/apps/vmware.te

policy/modules/apps/webalizer.te

policy/modules/apps/wireshark.te

policy/modules/apps/yam.te

policy/modules/kernel/corecommands.fc

policy/modules/kernel/corecommands.te

policy/modules/kernel/corenetwork.if

policy/modules/kernel/corenetwork.te

policy/modules/kernel/corenetwork.te.in

policy/modules/kernel/devices.if

policy/modules/kernel/devices.te

policy/modules/kernel/domain.te

policy/modules/kernel/files.if

policy/modules/kernel/files.te

policy/modules/kernel/filesystem.te

policy/modules/kernel/kernel.te

policy/modules/kernel/mcs.if

policy/modules/kernel/mcs.te

policy/modules/kernel/mls.te

policy/modules/kernel/selinux.te

policy/modules/kernel/terminal.if

policy/modules/roles/auditadm.te

policy/modules/roles/secadm.te

policy/modules/roles/sysadm.te

policy/modules/roles/webadm.te

policy/modules/services/afs.te

policy/modules/services/amavis.te

policy/modules/services/apache.te

policy/modules/services/apcupsd.te

policy/modules/services/apm.te

policy/modules/services/arpwatch.te

policy/modules/services/asterisk.te

policy/modules/services/audioentropy.te

policy/modules/services/automount.te

policy/modules/services/avahi.fc

policy/modules/services/avahi.te

policy/modules/services/bind.te

policy/modules/services/bitlbee.te

policy/modules/services/bluetooth.te

policy/modules/services/canna.te

policy/modules/services/ccs.te

policy/modules/services/cipe.te

policy/modules/services/clamav.te

policy/modules/services/clockspeed.te

policy/modules/services/comsat.te

policy/modules/services/consolekit.if

policy/modules/services/consolekit.te

policy/modules/services/courier.te

policy/modules/services/cron.fc

policy/modules/services/cron.if

policy/modules/services/cron.te

policy/modules/services/cups.te

policy/modules/services/cvs.te

policy/modules/services/cyphesis.te

policy/modules/services/cyrus.te

policy/modules/services/dante.te

policy/modules/services/dbskk.te

policy/modules/services/dbus.fc

policy/modules/services/dbus.if

policy/modules/services/dbus.te

policy/modules/services/dcc.te

policy/modules/services/ddclient.te

policy/modules/services/devicekit.fc

policy/modules/services/devicekit.if

policy/modules/services/devicekit.te

policy/modules/services/dhcp.te

policy/modules/services/dictd.te

policy/modules/services/distcc.te

policy/modules/services/djbdns.te

policy/modules/services/dnsmasq.te

policy/modules/services/dovecot.te

policy/modules/services/exim.te

policy/modules/services/fail2ban.te

policy/modules/services/fetchmail.te

policy/modules/services/finger.te

policy/modules/services/ftp.te

policy/modules/services/gatekeeper.te

policy/modules/services/gpm.te

policy/modules/services/hal.te

policy/modules/services/howl.te

policy/modules/services/i18n_input.te

policy/modules/services/imaze.te

policy/modules/services/inetd.te

policy/modules/services/inn.te

policy/modules/services/ircd.te

policy/modules/services/jabber.te

policy/modules/services/kerberos.te

policy/modules/services/kerneloops.te

policy/modules/services/ktalk.te

policy/modules/services/ldap.te

policy/modules/services/lpd.te

policy/modules/services/mailman.te

policy/modules/services/memcached.te

policy/modules/services/milter.te

policy/modules/services/monop.te

policy/modules/services/mta.te

policy/modules/services/munin.te

policy/modules/services/mysql.te

policy/modules/services/nagios.te

policy/modules/services/nessus.te

policy/modules/services/networkmanager.fc

policy/modules/services/networkmanager.te

policy/modules/services/nis.te

policy/modules/services/nscd.fc

policy/modules/services/nscd.if

policy/modules/services/nscd.te

policy/modules/services/nsd.te

policy/modules/services/ntop.te

policy/modules/services/ntp.te

policy/modules/services/nx.te

policy/modules/services/oav.te

policy/modules/services/oddjob.te

policy/modules/services/oident.te

policy/modules/services/openvpn.te

policy/modules/services/pcscd.te

policy/modules/services/pegasus.te

policy/modules/services/perdition.te

policy/modules/services/policykit.fc

policy/modules/services/policykit.if

policy/modules/services/policykit.te

policy/modules/services/portmap.te

policy/modules/services/portreserve.te

policy/modules/services/portslave.te

policy/modules/services/postfix.te

policy/modules/services/postfixpolicyd.te

policy/modules/services/postgresql.te

policy/modules/services/postgrey.te

policy/modules/services/ppp.te

policy/modules/services/prelude.te

policy/modules/services/privoxy.te

policy/modules/services/procmail.te

policy/modules/services/pyzor.te

policy/modules/services/radius.te

policy/modules/services/radvd.te

policy/modules/services/razor.te

policy/modules/services/rdisc.te

policy/modules/services/remotelogin.te

policy/modules/services/rhgb.te

policy/modules/services/ricci.te

policy/modules/services/rlogin.te

policy/modules/services/roundup.te

policy/modules/services/rpc.te

policy/modules/services/rpcbind.te

policy/modules/services/rshd.te

policy/modules/services/rsync.te

policy/modules/services/rwho.te

policy/modules/services/samba.te

policy/modules/services/sasl.te

policy/modules/services/sendmail.te

policy/modules/services/setroubleshoot.te

policy/modules/services/smartmon.te

policy/modules/services/snmp.te

policy/modules/services/snort.te

policy/modules/services/soundserver.te

policy/modules/services/spamassassin.te

policy/modules/services/squid.te

policy/modules/services/ssh.fc

policy/modules/services/ssh.te

policy/modules/services/stunnel.te

policy/modules/services/sysstat.te

policy/modules/services/tcpd.te

policy/modules/services/telnet.te

policy/modules/services/tftp.te

policy/modules/services/timidity.te

policy/modules/services/tor.te

policy/modules/services/transproxy.te

policy/modules/services/ucspitcp.te

policy/modules/services/ulogd.te

policy/modules/services/uucp.te

policy/modules/services/uwimap.te

policy/modules/services/varnishd.te

policy/modules/services/virt.if

policy/modules/services/virt.te

policy/modules/services/watchdog.te

policy/modules/services/xfs.te

policy/modules/services/xprint.te

policy/modules/services/xserver.fc

policy/modules/services/xserver.if

policy/modules/services/xserver.te

policy/modules/services/zebra.te

policy/modules/services/zosremote.te

policy/modules/system/authlogin.te

policy/modules/system/clock.te

policy/modules/system/fstools.te

policy/modules/system/getty.te

policy/modules/system/hostname.te

policy/modules/system/hotplug.te

policy/modules/system/init.fc

policy/modules/system/init.if

policy/modules/system/init.te

policy/modules/system/ipsec.te

policy/modules/system/iptables.fc

policy/modules/system/iptables.te

policy/modules/system/iscsi.te

policy/modules/system/libraries.fc

policy/modules/system/libraries.te

policy/modules/system/locallogin.te

policy/modules/system/logging.if

policy/modules/system/logging.te

policy/modules/system/lvm.te

policy/modules/system/miscfiles.te

policy/modules/system/modutils.te

policy/modules/system/mount.fc

policy/modules/system/mount.te

policy/modules/system/pcmcia.te

policy/modules/system/raid.te

policy/modules/system/selinuxutil.te

policy/modules/system/setrans.te

policy/modules/system/sysnetwork.fc

policy/modules/system/sysnetwork.if

policy/modules/system/sysnetwork.te

policy/modules/system/udev.te

policy/modules/system/unconfined.te

policy/modules/system/userdomain.fc

policy/modules/system/userdomain.if

policy/modules/system/userdomain.te

policy/modules/system/xen.te

policy/support/obj_perm_sets.spt

policy/users

Show diffs side-by-side

added added

removed removed

.pc/devkit.patch/policy/modules/services/devicekit.if

1

## <summary>Devicekit modular hardware abstraction layer</summary>

2

3

########################################

4

## <summary>

5

## Execute a domain transition to run devicekit.

6

## </summary>

7

## <param name="domain">

8

## <summary>

9

## Domain allowed to transition.

10

## </summary>

11

## </param>

12

#

13

interface(`devicekit_domtrans',`

14

gen_require(`

15

type devicekit_t, devicekit_exec_t;

16

')

17

18

domtrans_pattern($1, devicekit_exec_t, devicekit_t)

19

')

20

21

########################################

22

## <summary>

23

## Send to devicekit over a unix domain

24

## datagram socket.

25

## </summary>

26

## <param name="domain">

27

## <summary>

28

## Domain allowed access.

29

## </summary>

30

## </param>

31

#

32

interface(`devicekit_dgram_send',`

33

gen_require(`

34

type devicekit_t;

35

')

36

37

allow $1 devicekit_t:unix_dgram_socket sendto;

38

')

39

40

########################################

41

## <summary>

42

## Send and receive messages from

43

## devicekit over dbus.

44

## </summary>

45

## <param name="domain">

46

## <summary>

47

## Domain allowed access.

48

## </summary>

49

## </param>

50

#

51

interface(`devicekit_dbus_chat',`

52

gen_require(`

53

type devicekit_t;

54

class dbus send_msg;

55

')

56

57

allow $1 devicekit_t:dbus send_msg;

58

allow devicekit_t $1:dbus send_msg;

59

')

60

61

########################################

62

## <summary>

63

## Send and receive messages from

64

## devicekit disk over dbus.

65

## </summary>

66

## <param name="domain">

67

## <summary>

68

## Domain allowed access.

69

## </summary>

70

## </param>

71

#

72

interface(`devicekit_dbus_chat_disk',`

73

gen_require(`

74

type devicekit_disk_t;

75

class dbus send_msg;

76

')

77

78

allow $1 devicekit_disk_t:dbus send_msg;

79

allow devicekit_disk_t $1:dbus send_msg;

80

')

81

82

########################################

83

## <summary>

84

## Send signal devicekit power

85

## </summary>

86

## <param name="domain">

87

## <summary>

88

## Domain allowed access.

89

## </summary>

90

## </param>

91

#

92

interface(`devicekit_signal_power',`

93

gen_require(`

94

type devicekit_power_t;

95

')

96

97

allow $1 devicekit_power_t:process signal;

98

')

99

100

########################################

101

## <summary>

102

## Send and receive messages from

103

## devicekit power over dbus.

104

## </summary>

105

## <param name="domain">

106

## <summary>

107

## Domain allowed access.

108

## </summary>

109

## </param>

110

#

111

interface(`devicekit_dbus_chat_power',`

112

gen_require(`

113

type devicekit_power_t;

114

class dbus send_msg;

115

')

116

117

allow $1 devicekit_power_t:dbus send_msg;

118

allow devicekit_power_t $1:dbus send_msg;

119

')

120

121

########################################

122

## <summary>

123

## Read devicekit PID files.

124

## </summary>

125

## <param name="domain">

126

## <summary>

127

## Domain allowed access.

128

## </summary>

129

## </param>

130

#

131

interface(`devicekit_read_pid_files',`

132

gen_require(`

133

type devicekit_var_run_t;

134

')

135

136

files_search_pids($1)

137

read_files_pattern($1, devicekit_var_run_t, devicekit_var_run_t)

138

')

139

140

########################################

141

## <summary>

142

## All of the rules required to administrate

143

## an devicekit environment

144

## </summary>

145

## <param name="domain">

146

## <summary>

147

## Domain allowed access.

148

## </summary>

149

## </param>

150

## <param name="role">

151

## <summary>

152

## The role to be allowed to manage the devicekit domain.

153

## </summary>

154

## </param>

155

## <param name="terminal">

156

## <summary>

157

## The type of the user terminal.

158

## </summary>

159

## </param>

160

## <rolecap/>

161

#

162

interface(`devicekit_admin',`

163

gen_require(`

164

type devicekit_t, devicekit_disk_t, devicekit_power_t;

165

type devicekit_var_run_t;

166

')

167

168

allow $1 devicekit_t:process { ptrace signal_perms getattr };

169

ps_process_pattern($1, devicekit_t)

170

171

allow $1 devicekit_disk_t:process { ptrace signal_perms getattr };

172

ps_process_pattern($1, devicekit_disk_t)

173

174

allow $1 devicekit_power_t:process { ptrace signal_perms getattr };

175

ps_process_pattern($1, devicekit_power_t)

176

177

admin_pattern($1, devicekit_tmp_t)

178

files_search_tmp($1)

179

180

admin_pattern($1, devicekit_var_lib_t)

181

files_search_var_lib($1)

182

183

admin_pattern($1, devicekit_var_run_t)

184

files_search_pids($1)

185

')

Older »