selinux-refpolicy/policy/modules/admin/amtu.if

52 lines
1014 B
Plaintext

## <summary>Abstract Machine Test Utility</summary>
########################################
## <summary>
## Execute amtu in the amtu domain.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`amtu_domtrans',`
gen_require(`
type amtu_t, amtu_exec_t;
')
corecmd_search_bin($1)
domtrans_pattern($1, amtu_exec_t, amtu_t)
')
########################################
## <summary>
## Execute amtu in the amtu domain, and
## allow the specified role the amtu domain.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <param name="role">
## <summary>
## The role to be allowed the amtu domain.
## </summary>
## </param>
## <param name="terminal">
## <summary>
## The type of the terminal allow the amtu domain to use.
## </summary>
## </param>
#
interface(`amtu_run',`
gen_require(`
type amtu_t;
')
amtu_domtrans($1)
role $2 types amtu_t;
allow amtu_t $3:chr_file rw_term_perms;
')