|
Dan Walsh |
4c3817 |
## <summary>policy for ajaxterm</summary>
|
|
Dan Walsh |
4c3817 |
|
|
Dan Walsh |
4c3817 |
########################################
|
|
Dan Walsh |
4c3817 |
## <summary>
|
|
Dan Walsh |
4c3817 |
## Execute a domain transition to run ajaxterm.
|
|
Dan Walsh |
4c3817 |
## </summary>
|
|
Dan Walsh |
4c3817 |
## <param name="domain">
|
|
Dominick Grift |
c5eae5 |
## <summary>
|
|
Dan Walsh |
4c3817 |
## Domain allowed access.
|
|
Dominick Grift |
c5eae5 |
## </summary>
|
|
Dan Walsh |
4c3817 |
## </param>
|
|
Dan Walsh |
4c3817 |
#
|
|
Dan Walsh |
4c3817 |
interface(`ajaxterm_domtrans',`
|
|
Dan Walsh |
4c3817 |
gen_require(`
|
|
Dan Walsh |
4c3817 |
type ajaxterm_t, ajaxterm_exec_t;
|
|
Dan Walsh |
4c3817 |
')
|
|
Dan Walsh |
4c3817 |
|
|
Dan Walsh |
4c3817 |
domtrans_pattern($1, ajaxterm_exec_t, ajaxterm_t)
|
|
Dan Walsh |
4c3817 |
')
|
|
Dan Walsh |
4c3817 |
|
|
Dan Walsh |
4c3817 |
########################################
|
|
Dan Walsh |
4c3817 |
## <summary>
|
|
Dan Walsh |
4c3817 |
## Execute ajaxterm server in the ajaxterm domain.
|
|
Dan Walsh |
4c3817 |
## </summary>
|
|
Dan Walsh |
4c3817 |
## <param name="domain">
|
|
Dan Walsh |
4c3817 |
## <summary>
|
|
Dan Walsh |
4c3817 |
## The type of the process performing this action.
|
|
Dan Walsh |
4c3817 |
## </summary>
|
|
Dan Walsh |
4c3817 |
## </param>
|
|
Dan Walsh |
4c3817 |
#
|
|
Dan Walsh |
4c3817 |
interface(`ajaxterm_initrc_domtrans',`
|
|
Dan Walsh |
4c3817 |
gen_require(`
|
|
Dan Walsh |
4c3817 |
type ajaxterm_initrc_exec_t;
|
|
Dan Walsh |
4c3817 |
')
|
|
Dan Walsh |
4c3817 |
|
|
Dan Walsh |
4c3817 |
init_labeled_script_domtrans($1, ajaxterm_initrc_exec_t)
|
|
Dan Walsh |
4c3817 |
')
|
|
Dan Walsh |
4c3817 |
|
|
Dan Walsh |
4c3817 |
########################################
|
|
Dan Walsh |
4c3817 |
## <summary>
|
|
Dan Walsh |
4c3817 |
## All of the rules required to administrate
|
|
Dan Walsh |
4c3817 |
## an ajaxterm environment
|
|
Dan Walsh |
4c3817 |
## </summary>
|
|
Dan Walsh |
4c3817 |
## <param name="domain">
|
|
Dan Walsh |
4c3817 |
## <summary>
|
|
Dan Walsh |
4c3817 |
## Domain allowed access.
|
|
Dan Walsh |
4c3817 |
## </summary>
|
|
Dan Walsh |
4c3817 |
## </param>
|
|
Dan Walsh |
4c3817 |
## <param name="role">
|
|
Dan Walsh |
4c3817 |
## <summary>
|
|
Dan Walsh |
4c3817 |
## Role allowed access.
|
|
Dan Walsh |
4c3817 |
## </summary>
|
|
Dan Walsh |
4c3817 |
## </param>
|
|
Dan Walsh |
4c3817 |
## <rolecap/>
|
|
Dan Walsh |
4c3817 |
#
|
|
Dan Walsh |
4c3817 |
interface(`ajaxterm_admin',`
|
|
Dan Walsh |
4c3817 |
gen_require(`
|
|
Dan Walsh |
4c3817 |
type ajaxterm_t;
|
|
Dan Walsh |
4c3817 |
type ajaxterm_initrc_exec_t;
|
|
Dan Walsh |
4c3817 |
')
|
|
Dan Walsh |
4c3817 |
|
|
Dan Walsh |
4c3817 |
allow $1 ajaxterm_t:process { ptrace signal_perms };
|
|
Dan Walsh |
4c3817 |
ps_process_pattern($1, ajaxterm_t)
|
|
Dan Walsh |
4c3817 |
|
|
Dan Walsh |
4c3817 |
ajaxterm_initrc_domtrans($1)
|
|
Dan Walsh |
4c3817 |
domain_system_change_exemption($1)
|
|
Dan Walsh |
4c3817 |
role_transition $2 ajaxterm_initrc_exec_t system_r;
|
|
Dan Walsh |
4c3817 |
allow $2 system_r;
|
|
Dan Walsh |
4c3817 |
')
|