Dominick Grift 8296eb
## <summary>Advanced Maryland Automatic Network Disk Archiver.</summary>
Chris PeBenito 44fc06
Chris PeBenito 44fc06
########################################
Chris PeBenito 44fc06
## <summary>
Dominick Grift 8296eb
##	Execute a domain transition to run
Dominick Grift 8296eb
##	Amanda recover.
Chris PeBenito 44fc06
## </summary>
Chris PeBenito 44fc06
## <param name="domain">
Chris PeBenito 885b83
##	<summary>
Dominick Grift 77e4b5
##	Domain allowed to transition.
Chris PeBenito 885b83
##	</summary>
Chris PeBenito 44fc06
## </param>
Chris PeBenito 44fc06
#
Chris PeBenito 44fc06
interface(`amanda_domtrans_recover',`
Chris PeBenito 44fc06
	gen_require(`
Chris PeBenito 44fc06
		type amanda_recover_t, amanda_recover_exec_t;
Chris PeBenito 44fc06
	')
Chris PeBenito 44fc06
Dominick Grift 8296eb
	corecmd_search_bin($1)
Chris PeBenito 0bfccd
	domtrans_pattern($1, amanda_recover_exec_t, amanda_recover_t)
Chris PeBenito 44fc06
')
Chris PeBenito 44fc06
Chris PeBenito 44fc06
########################################
Chris PeBenito 44fc06
## <summary>
Dominick Grift 8296eb
##	Execute a domain transition to run
Dominick Grift 8296eb
##	Amanda recover, and allow the specified
Dominick Grift 8296eb
##	role the Amanda recover domain.
Chris PeBenito 44fc06
## </summary>
Chris PeBenito 44fc06
## <param name="domain">
Chris PeBenito 885b83
##	<summary>
Dominick Grift 77e4b5
##	Domain allowed to transition.
Chris PeBenito 885b83
##	</summary>
Chris PeBenito 44fc06
## </param>
Chris PeBenito 44fc06
## <param name="role">
Chris PeBenito 885b83
##	<summary>
Chris PeBenito a7ee7f
##	Role allowed access.
Chris PeBenito 885b83
##	</summary>
Chris PeBenito 44fc06
## </param>
Chris PeBenito bbcd3c
## <rolecap/>
Chris PeBenito 44fc06
#
Chris PeBenito 44fc06
interface(`amanda_run_recover',`
Chris PeBenito 44fc06
	gen_require(`
Chris PeBenito 44fc06
		type amanda_recover_t;
Chris PeBenito 44fc06
	')
Chris PeBenito 44fc06
Chris PeBenito 44fc06
	amanda_domtrans_recover($1)
Chris PeBenito 44fc06
	role $2 types amanda_recover_t;
Chris PeBenito 44fc06
')
Chris PeBenito 44fc06
Chris PeBenito 44fc06
########################################
Chris PeBenito 44fc06
## <summary>
Dominick Grift 8296eb
##	Search Amanda library directories.
Chris PeBenito 44fc06
## </summary>
Chris PeBenito 44fc06
## <param name="domain">
Chris PeBenito 885b83
##	<summary>
Chris PeBenito a72e42
##	Domain allowed access.
Chris PeBenito 885b83
##	</summary>
Chris PeBenito 44fc06
## </param>
Chris PeBenito 44fc06
#
Chris PeBenito 44fc06
interface(`amanda_search_lib',`
Chris PeBenito 44fc06
	gen_require(`
Chris PeBenito 44fc06
		type amanda_usr_lib_t;
Chris PeBenito 44fc06
	')
Chris PeBenito 44fc06
Chris PeBenito 44fc06
	files_search_usr($1)
Dominick Grift 8296eb
	allow $1 amanda_usr_lib_t:dir search_dir_perms;
Chris PeBenito 44fc06
')
Chris PeBenito 757207
Chris PeBenito 757207
########################################
Chris PeBenito 757207
## <summary>
Chris PeBenito 757207
##	Do not audit attempts to read /etc/dumpdates.
Chris PeBenito 757207
## </summary>
Chris PeBenito 757207
## <param name="domain">
Chris PeBenito 885b83
##	<summary>
Chris PeBenito 757207
##	Domain to not audit.
Chris PeBenito 885b83
##	</summary>
Chris PeBenito 757207
## </param>
Chris PeBenito 757207
#
Chris PeBenito 757207
interface(`amanda_dontaudit_read_dumpdates',`
Chris PeBenito 757207
	gen_require(`
Chris PeBenito 757207
		type amanda_dumpdates_t;
Chris PeBenito 757207
	')
Chris PeBenito 757207
Chris PeBenito 757207
	dontaudit $1 amanda_dumpdates_t:file { getattr read };
Chris PeBenito 757207
')
Chris PeBenito 46c69c
Chris PeBenito 46c69c
########################################
Chris PeBenito 46c69c
## <summary>
Dominick Grift 8296eb
##	Read and write /etc/dumpdates.
Chris PeBenito 46c69c
## </summary>
Chris PeBenito 46c69c
## <param name="domain">
Chris PeBenito 46c69c
##	<summary>
Dominick Grift 77e4b5
##	Domain allowed access.
Chris PeBenito 46c69c
##	</summary>
Chris PeBenito 46c69c
## </param>
Chris PeBenito 46c69c
#
Chris PeBenito 46c69c
interface(`amanda_rw_dumpdates_files',`
Chris PeBenito 46c69c
	gen_require(`
Chris PeBenito 46c69c
		type amanda_dumpdates_t;
Chris PeBenito 46c69c
	')
Chris PeBenito 46c69c
Dominick Grift 8296eb
	files_search_etc($1)
Chris PeBenito 46c69c
	allow $1 amanda_dumpdates_t:file rw_file_perms;
Chris PeBenito 46c69c
')
Chris PeBenito d6d16b
Chris PeBenito d6d16b
########################################
Chris PeBenito d6d16b
## <summary>
Dominick Grift 8296eb
##	Search Amanda library directories.
Chris PeBenito d6d16b
## </summary>
Chris PeBenito d6d16b
## <param name="domain">
Chris PeBenito d6d16b
##	<summary>
Chris PeBenito a72e42
##	Domain allowed access.
Chris PeBenito d6d16b
##	</summary>
Chris PeBenito d6d16b
## </param>
Chris PeBenito d6d16b
#
Chris PeBenito d6d16b
interface(`amanda_manage_lib',`
Chris PeBenito d6d16b
	gen_require(`
Chris PeBenito d6d16b
		type amanda_usr_lib_t;
Chris PeBenito d6d16b
	')
Chris PeBenito d6d16b
Chris PeBenito d6d16b
	files_search_usr($1)
Dominick Grift 8296eb
	allow $1 amanda_usr_lib_t:dir manage_dir_perms;
Chris PeBenito d6d16b
')
Chris PeBenito d6d16b
Chris PeBenito 46c69c
########################################
Chris PeBenito 46c69c
## <summary>
Dominick Grift 8296eb
##	Read and append amanda logs.
Chris PeBenito 46c69c
## </summary>
Chris PeBenito 46c69c
## <param name="domain">
Chris PeBenito 46c69c
##	<summary>
Dominick Grift 77e4b5
##	Domain allowed access.
Chris PeBenito 46c69c
##	</summary>
Chris PeBenito 46c69c
## </param>
Chris PeBenito 46c69c
#
Chris PeBenito 46c69c
interface(`amanda_append_log_files',`
Chris PeBenito 46c69c
	gen_require(`
Chris PeBenito 46c69c
		type amanda_log_t;
Chris PeBenito 46c69c
	')
Chris PeBenito 46c69c
Dominick Grift 8296eb
	logging_search_logs($1)
Chris PeBenito c0868a
	allow $1 amanda_log_t:file { read_file_perms append_file_perms };
Chris PeBenito 46c69c
')
Chris PeBenito bc01b3
Chris PeBenito bc01b3
#######################################
Chris PeBenito bc01b3
## <summary>
Dominick Grift 8296eb
##	Search Amanda var library directories.
Chris PeBenito bc01b3
## </summary>
Chris PeBenito bc01b3
## <param name="domain">
Chris PeBenito bc01b3
##	<summary>
Chris PeBenito a72e42
##	Domain allowed access.
Chris PeBenito bc01b3
##	</summary>
Chris PeBenito bc01b3
## </param>
Chris PeBenito bc01b3
#
Chris PeBenito bc01b3
interface(`amanda_search_var_lib',`
Chris PeBenito bc01b3
	gen_require(`
Chris PeBenito bc01b3
		type amanda_var_lib_t;
Chris PeBenito bc01b3
	')
Chris PeBenito bc01b3
Chris PeBenito bc01b3
	files_search_var_lib($1)
Chris PeBenito bc01b3
	allow $1 amanda_var_lib_t:dir search_dir_perms;
Chris PeBenito bc01b3
')