From 4202ab7bf8ccf177c2a6adbaaaa62a260448b2b3 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Tue, 1 Mar 2011 08:40:55 -0500
Subject: [PATCH] Alsa update from Miroslav Grepl

* alsa creates tmp files
* add alsa_run() interface
* fix interface calling for alsa config files
---
 policy/modules/admin/alsa.if | 26 ++++++++++++++++++++++++++
 policy/modules/admin/alsa.te | 12 ++++++++++--
 2 files changed, 36 insertions(+), 2 deletions(-)

diff --git a/policy/modules/admin/alsa.if b/policy/modules/admin/alsa.if
index 90d5203ec..139267933 100644
--- a/policy/modules/admin/alsa.if
+++ b/policy/modules/admin/alsa.if
@@ -19,6 +19,32 @@ interface(`alsa_domtrans',`
 	domtrans_pattern($1, alsa_exec_t, alsa_t)
 ')
 
+########################################
+## <summary>
+##	Execute a domain transition to run
+##	Alsa, and allow the specified role
+##	the Alsa domain.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed to transition.
+##	</summary>
+## </param>
+## <param name="role">
+##	<summary>
+##	Role allowed access.
+##	</summary>
+## </param>
+#
+interface(`alsa_run',`
+	gen_require(`
+		type alsa_t;
+	')
+
+	alsa_domtrans($1)
+	role $2 types alsa_t;
+')
+
 ########################################
 ## <summary>
 ##	Read and write Alsa semaphores.
diff --git a/policy/modules/admin/alsa.te b/policy/modules/admin/alsa.te
index a7c79715a..93903f06f 100644
--- a/policy/modules/admin/alsa.te
+++ b/policy/modules/admin/alsa.te
@@ -1,4 +1,4 @@
-policy_module(alsa, 1.10.0)
+policy_module(alsa, 1.10.1)
 
 ########################################
 #
@@ -11,7 +11,10 @@ init_system_domain(alsa_t, alsa_exec_t)
 role system_r types alsa_t;
 
 type alsa_etc_rw_t;
-files_type(alsa_etc_rw_t)
+files_config_file(alsa_etc_rw_t)
+
+type alsa_tmp_t;
+files_tmp_file(alsa_tmp_t)
 
 type alsa_var_lib_t;
 files_type(alsa_var_lib_t)
@@ -39,6 +42,11 @@ files_etc_filetrans(alsa_t, alsa_etc_rw_t, file)
 
 can_exec(alsa_t, alsa_exec_t)
 
+manage_dirs_pattern(alsa_t, alsa_tmp_t, alsa_tmp_t)
+manage_files_pattern(alsa_t, alsa_tmp_t, alsa_tmp_t)
+files_tmp_filetrans(alsa_t, alsa_tmp_t, { dir file })
+userdom_user_tmp_filetrans(alsa_t, alsa_tmp_t, { dir file })
+
 manage_dirs_pattern(alsa_t, alsa_var_lib_t, alsa_var_lib_t)
 manage_files_pattern(alsa_t, alsa_var_lib_t, alsa_var_lib_t)
 files_search_var_lib(alsa_t)