policy_module(uuidd, 1.5.0) ######################################## # # Declarations # type uuidd_t; type uuidd_exec_t; init_daemon_domain(uuidd_t, uuidd_exec_t) type uuidd_initrc_exec_t; init_script_file(uuidd_initrc_exec_t) type uuidd_runtime_t alias uuidd_var_run_t; files_runtime_file(uuidd_runtime_t) type uuidd_var_lib_t; files_type(uuidd_var_lib_t) ######################################## # # Local policy # allow uuidd_t self:capability setuid; allow uuidd_t self:process signal; allow uuidd_t self:fifo_file rw_fifo_file_perms; allow uuidd_t self:unix_stream_socket create_stream_socket_perms; allow uuidd_t self:udp_socket create_socket_perms; manage_dirs_pattern(uuidd_t, uuidd_var_lib_t, uuidd_var_lib_t) manage_files_pattern(uuidd_t, uuidd_var_lib_t, uuidd_var_lib_t) files_var_lib_filetrans(uuidd_t, uuidd_var_lib_t, { dir file }) manage_dirs_pattern(uuidd_t, uuidd_runtime_t, uuidd_runtime_t) manage_files_pattern(uuidd_t, uuidd_runtime_t, uuidd_runtime_t) manage_sock_files_pattern(uuidd_t, uuidd_runtime_t, uuidd_runtime_t) files_runtime_filetrans(uuidd_t, uuidd_runtime_t, { dir file sock_file }) dev_read_urand(uuidd_t) domain_use_interactive_fds(uuidd_t) files_read_etc_files(uuidd_t) miscfiles_read_localization(uuidd_t)