diff options
| -rw-r--r-- | gps-device.fc (renamed from gpsd-devices.fc) | 0 | ||||
| -rw-r--r-- | gps-device.if | 93 | ||||
| -rw-r--r-- | gps-device.te (renamed from gpsd-devices.te) | 0 | ||||
| -rw-r--r-- | gpsd-devices.if | 54 |
4 files changed, 93 insertions, 54 deletions
diff --git a/gpsd-devices.fc b/gps-device.fc index 9cf7c4c..9cf7c4c 100644 --- a/gpsd-devices.fc +++ b/gps-device.fc diff --git a/gps-device.if b/gps-device.if new file mode 100644 index 0000000..e2ff094 --- /dev/null +++ b/gps-device.if @@ -0,0 +1,93 @@ +## <summary>Myapp example policy</summary> +## <desc> +## <p> +## More descriptive text about myapp. The desc +## tag can also use p, ul, and ol +## html tags for formatting. +## </p> +## <p> +## This policy supports the following myapp features: +## <ul> +## <li>Feature A</li> +## <li>Feature B</li> +## <li>Feature C</li> +## </ul> +## </p> +## </desc> +# + + +######################################## +## <summary> +## Getattr generic the USB devices. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`dev_getattr_generic_usb_dev',` + gen_require(` + type usb_device_t; + ') + + getattr_chr_files_pattern($1, device_t, usb_device_t) +') + +######################################## +## <summary> +## Setattr generic the USB devices. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`dev_setattr_generic_usb_dev',` + gen_require(` + type usb_device_t; + ') + + setattr_chr_files_pattern($1, device_t, usb_device_t) +') + +######################################## +## <summary> +## Read generic the USB devices. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`dev_read_generic_usb_dev',` + gen_require(` + type usb_device_t; + ') + + read_chr_files_pattern($1, device_t, usb_device_t) +') + +######################################## +## <summary> +## Read and write generic the USB devices. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`dev_rw_generic_usb_dev',` + gen_require(` + type device_t; + type usb_device_t; + ') + + rw_chr_files_pattern($1, device_t, usb_device_t) +') + + diff --git a/gpsd-devices.te b/gps-device.te index 8238355..8238355 100644 --- a/gpsd-devices.te +++ b/gps-device.te diff --git a/gpsd-devices.if b/gpsd-devices.if deleted file mode 100644 index 54d42ae..0000000 --- a/gpsd-devices.if +++ /dev/null @@ -1,54 +0,0 @@ -## <summary>Myapp example policy</summary> -## <desc> -## <p> -## More descriptive text about myapp. The desc -## tag can also use p, ul, and ol -## html tags for formatting. -## </p> -## <p> -## This policy supports the following myapp features: -## <ul> -## <li>Feature A</li> -## <li>Feature B</li> -## <li>Feature C</li> -## </ul> -## </p> -## </desc> -# - -######################################## -## <summary> -## Execute a domain transition to run myapp. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed to transition. -## </summary> -## </param> -# -interface(`myapp_domtrans',` - gen_require(` - type myapp_t, myapp_exec_t; - ') - - domtrans_pattern($1,myapp_exec_t,myapp_t) -') - -######################################## -## <summary> -## Read myapp log files. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed to read the log files. -## </summary> -## </param> -# -interface(`myapp_read_log',` - gen_require(` - type myapp_log_t; - ') - - logging_search_logs($1) - allow $1 myapp_log_t:file read_file_perms; -') |