## Virtual Private Networking client.
########################################
##
## Execute vpn clients in the vpnc domain.
##
##
##
## Domain allowed to transition.
##
##
#
interface(`vpn_domtrans',`
gen_require(`
type vpnc_t, vpnc_exec_t;
')
corecmd_search_bin($1)
domtrans_pattern($1, vpnc_exec_t, vpnc_t)
')
########################################
##
## Execute vpn clients in the vpnc
## domain, and allow the specified
## role the vpnc domain.
##
##
##
## Domain allowed to transition.
##
##
##
##
## Role allowed access.
##
##
##
#
interface(`vpn_run',`
gen_require(`
attribute_role vpnc_roles;
')
vpn_domtrans($1)
roleattribute $2 vpnc_roles;
')
########################################
##
## Send kill signals to vpnc.
##
##
##
## Domain allowed access.
##
##
#
interface(`vpn_kill',`
gen_require(`
type vpnc_t;
')
allow $1 vpnc_t:process sigkill;
')
########################################
##
## Send generic signals to vpnc.
##
##
##
## Domain allowed access.
##
##
#
interface(`vpn_signal',`
gen_require(`
type vpnc_t;
')
allow $1 vpnc_t:process signal;
')
########################################
##
## Send null signals to vpnc.
##
##
##
## Domain allowed access.
##
##
#
interface(`vpn_signull',`
gen_require(`
type vpnc_t;
')
allow $1 vpnc_t:process signull;
')
########################################
##
## Send and receive messages from
## vpnc over dbus.
##
##
##
## Domain allowed access.
##
##
#
interface(`vpn_dbus_chat',`
gen_require(`
type vpnc_t;
class dbus send_msg;
')
allow $1 vpnc_t:dbus send_msg;
allow vpnc_t $1:dbus send_msg;
')
########################################
##
## Relabelfrom from vpnc socket.
##
##
##
## Domain allowed access.
##
##
#
interface(`vpn_relabelfrom_tun_socket',`
gen_require(`
type vpnc_t;
')
allow $1 vpnc_t:tun_socket relabelfrom;
')