Write gps-device policy module

3 files changed, 21 insertions, 51 deletions

diff --git a/gps-device.fc b/gps-device.fc
index 9cf7c4c..e69de29 100644
--- a/gps-device.fc
+++ b/gps-device.fc
@@ -1,6 +0,0 @@
-# myapp executable will have:
-# label: system_u:object_r:myapp_exec_t
-# MLS sensitivity: s0
-# MCS categories: <none>
-
-/usr/sbin/myapp		--	gen_context(system_u:object_r:myapp_exec_t,s0)
diff --git a/gps-device.if b/gps-device.if
index e2ff094..ce0d046 100644
--- a/gps-device.if
+++ b/gps-device.if
@@ -1,17 +1,9 @@
-## <summary>Myapp example policy</summary>
+## <summary>GPS device file type</summary>
 ## <desc>
 ##	<p>
-##		More descriptive text about myapp.  The desc
-##		tag can also use p, ul, and ol
-##		html tags for formatting.
-##	</p>
-##	<p>
-##		This policy supports the following myapp features:
-##		<ul>
-##		<li>Feature A</li>
-##		<li>Feature B</li>
-##		<li>Feature C</li>
-##		</ul>
+##		This module just defines gps_device_t,
+##              by copying the definition of usb_device_t
+#               from the reference policy.
 ##	</p>
 ## </desc>
 #
@@ -19,7 +11,7 @@
 
 ########################################
 ## <summary>
-##	Getattr generic the USB devices.
+##	Getattr generic the GPS devices.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -27,17 +19,17 @@
 ##	</summary>
 ## </param>
 #
-interface(`dev_getattr_generic_usb_dev',`
+interface(`gps_device_getattr_gps_dev,`
 	gen_require(`
-		type usb_device_t;
+		type gps_device_t;
 	')
 
-	getattr_chr_files_pattern($1, device_t, usb_device_t)
+	getattr_chr_files_pattern($1, device_t, gps_device_t)
 ')
 
 ########################################
 ## <summary>
-##	Setattr generic the USB devices.
+##	Setattr generic the GPS devices.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -45,17 +37,17 @@ interface(`dev_getattr_generic_usb_dev',`
 ##	</summary>
 ## </param>
 #
-interface(`dev_setattr_generic_usb_dev',`
+interface(`gps_device_setattr_gps_dev,`
 	gen_require(`
-		type usb_device_t;
+		type gps_device_t;
 	')
 
-	setattr_chr_files_pattern($1, device_t, usb_device_t)
+	setattr_chr_files_pattern($1, device_t, gps_device_t)
 ')
 
 ########################################
 ## <summary>
-##	Read generic the USB devices.
+##	Read generic the GPS devices.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -63,17 +55,17 @@ interface(`dev_setattr_generic_usb_dev',`
 ##	</summary>
 ## </param>
 #
-interface(`dev_read_generic_usb_dev',`
+interface(`gps_device_read_gps_dev,`
 	gen_require(`
-		type usb_device_t;
+		type gps_device_t;
 	')
 
-	read_chr_files_pattern($1, device_t, usb_device_t)
+	read_chr_files_pattern($1, device_t, gps_device_t)
 ')
 
 ########################################
 ## <summary>
-##	Read and write generic the USB devices.
+##	Read and write generic the GPS devices.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -81,13 +73,13 @@ interface(`dev_read_generic_usb_dev',`
 ##	</summary>
 ## </param>
 #
-interface(`dev_rw_generic_usb_dev',`
+interface(`gps_device_rw_gps_dev,`
 	gen_require(`
 		type device_t;
-		type usb_device_t;
+		type gps_device_t;
 	')
 
-	rw_chr_files_pattern($1, device_t, usb_device_t)
+	rw_chr_files_pattern($1, device_t, gps_device_t)
 ')
 
 
diff --git a/gps-device.te b/gps-device.te
index 8238355..4ec2170 100644
--- a/gps-device.te
+++ b/gps-device.te
@@ -1,28 +1,12 @@
-
-policy_module(myapp,1.0.0)
+policy_module(gps-device,0.0.1)
 
 ########################################
 #
 # Declarations
 #
 
-type myapp_t;
-type myapp_exec_t;
-domain_type(myapp_t)
-domain_entry_file(myapp_t, myapp_exec_t)
-
-type myapp_log_t;
-logging_log_file(myapp_log_t)
-
-type myapp_tmp_t;
-files_tmp_file(myapp_tmp_t)
 
 ########################################
 #
 # Myapp local policy
 #
-
-allow myapp_t myapp_log_t:file { read_file_perms append_file_perms };
-
-allow myapp_t myapp_tmp_t:file manage_file_perms;
-files_tmp_filetrans(myapp_t,myapp_tmp_t,file)