## Policy for podman
########################################
##
## Execute podman in the podman domain.
##
##
##
## Domain allowed to transition.
##
##
#
interface(`podman_domtrans',`
gen_require(`
type podman_t, podman_exec_t;
')
corecmd_search_bin($1)
domtrans_pattern($1, podman_exec_t, podman_t)
')
########################################
##
## Execute podman in the podman domain,
## and allow the specified role the
## podman domain.
##
##
##
## Domain allowed to transition.
##
##
##
##
## The role to be allowed the podman domain.
##
##
#
interface(`podman_run',`
gen_require(`
type podman_t;
')
role $2 types podman_t;
podman_domtrans($1)
')
########################################
##
## All of the rules required to
## administrate a podman
## environment.
##
##
##
## Domain allowed access.
##
##
##
##
## Role allowed access.
##
##
##
#
interface(`podman_admin',`
podman_run($1, $2)
')