# Copyright (C) 2005 Tresys Technology, LLC

#######################################
#
# hotplug_transition(domain)
#
define(`hotplug_transition',`
requires_block_template(hotplug_transition_depend)
allow $1 hotplug_exec_t:file { getattr read execute };
allow $1 hotplug_t:process transition;
type_transition $1 hotplug_exec_t:file hotplug_t;
dontaudit $1 hotplug_t:process { noatsecure siginh rlimitinh };
')

define(`hotplug_transition_depend',`
type hotplug_t, hotplug_exec_t;
class file { getattr read execute };
class process { transition noatsecure siginh rlimitinh };
')

#######################################
#
# hotplug_execute(domain)
#
define(`hotplug_execute',`
requires_block_template(hotplug_execute_depend)
allow $1 hotplug_exec_t:file { getattr read execute execute_no_trans };
')

define(`hotplug_execute_depend',`
type hotplug_t;
class file { getattr read execute execute_no_trans };
')

#######################################
#
# hotplug_use_file_descriptors(domain)
#
define(`hotplug_use_file_descriptors',`
requires_block_template(hotplug_use_file_descriptors_depend)
allow $1 hotplug_t:fd use;
')

define(`hotplug_use_file_descriptors_depend',`
type hotplug_t;
class fd use;
')