## <summary>System shutdown command</summary>

########################################

## <summary>

##	Execute a domain transition to run shutdown.

## </summary>

## <param name="domain">

## <summary>

##	Domain allowed to transition.

## </summary>

## </param>

#

interface(`shutdown_domtrans',`

	gen_require(`

		type shutdown_t, shutdown_exec_t;

	')

	domtrans_pattern($1, shutdown_exec_t, shutdown_t)

	ifdef(`hide_broken_symptoms', `

		dontaudit shutdown_t $1:socket_class_set { read write };

		dontaudit shutdown_t $1:fifo_file { read write };

	')

')

########################################

## <summary>

##	Execute shutdown in the shutdown domain, and

##	allow the specified role the shutdown domain.

## </summary>

## <param name="domain">

##	<summary>

##	Domain allowed to transition.

##	</summary>

## </param>

## <param name="role">

##	<summary>

##	Role allowed access.

##	</summary>

## </param>

#

interface(`shutdown_run',`

	gen_require(`

		type shutdown_t;

	')

	shutdown_domtrans($1)

	role $2 types shutdown_t;

')

########################################

## <summary>

##	Get attributes of shutdown executable.

## </summary>

## <param name="domain">

##	<summary>

##	Domain allowed access.

##	</summary>

## </param>

#

interface(`shutdown_getattr_exec_files',`

	gen_require(`

		type shutdown_exec_t;

	')

	allow $1 shutdown_exec_t:file getattr;

')