policy_module(alsa,1.1.1) ######################################## # # Declarations # type alsa_t; type alsa_exec_t; application_domain(alsa_t, alsa_exec_t) role system_r types alsa_t; type alsa_etc_rw_t; files_type(alsa_etc_rw_t) ######################################## # # Local policy # allow alsa_t self:capability { setgid setuid ipc_owner }; dontaudit alsa_t self:capability sys_admin; allow alsa_t self:sem create_sem_perms; allow alsa_t self:shm create_shm_perms; allow alsa_t self:unix_stream_socket create_stream_socket_perms; allow alsa_t self:unix_dgram_socket create_socket_perms; manage_files_pattern(alsa_t,alsa_etc_rw_t,alsa_etc_rw_t) manage_lnk_files_pattern(alsa_t,alsa_etc_rw_t,alsa_etc_rw_t) files_read_etc_files(alsa_t) term_use_generic_ptys(alsa_t) term_dontaudit_use_unallocated_ttys(alsa_t) libs_use_ld_so(alsa_t) libs_use_shared_libs(alsa_t) logging_send_syslog_msg(alsa_t) miscfiles_read_localization(alsa_t) userdom_manage_unpriv_user_semaphores(alsa_t) userdom_manage_unpriv_user_shared_mem(alsa_t) optional_policy(` nscd_socket_use(alsa_t) ')