Chris PeBenito a5ef55
## <summary>Bring up/down ethernet interfaces based on cable detection.</summary>
Chris PeBenito a5ef55
Chris PeBenito a5ef55
########################################
Chris PeBenito a5ef55
## <summary>
Chris PeBenito a5ef55
##	Execute a domain transition to run ifplugd.
Chris PeBenito a5ef55
## </summary>
Chris PeBenito a5ef55
## <param name="domain">
Chris PeBenito a5ef55
## <summary>
Chris PeBenito a5ef55
##	Domain allowed to transition.
Chris PeBenito a5ef55
## </summary>
Chris PeBenito a5ef55
## </param>
Chris PeBenito a5ef55
#
Chris PeBenito a5ef55
interface(`ifplugd_domtrans',`
Chris PeBenito a5ef55
	gen_require(`
Chris PeBenito a5ef55
		type ifplugd_t, ifplugd_exec_t;
Chris PeBenito a5ef55
	')
Chris PeBenito a5ef55
Chris PeBenito a5ef55
	domtrans_pattern($1, ifplugd_exec_t, ifplugd_t)
Chris PeBenito a5ef55
')
Chris PeBenito a5ef55
Chris PeBenito a5ef55
########################################
Chris PeBenito a5ef55
## <summary>
Chris PeBenito a5ef55
##	Send a generic signal to ifplugd
Chris PeBenito a5ef55
## </summary>
Chris PeBenito a5ef55
## <param name="domain">
Chris PeBenito a5ef55
##	<summary>
Chris PeBenito a5ef55
##	Domain allowed access.
Chris PeBenito a5ef55
##	</summary>
Chris PeBenito a5ef55
## </param>
Chris PeBenito a5ef55
#
Chris PeBenito a5ef55
interface(`ifplugd_signal',`
Chris PeBenito a5ef55
	gen_require(`
Chris PeBenito a5ef55
		type ifplugd_t;
Chris PeBenito a5ef55
	')
Chris PeBenito a5ef55
Chris PeBenito a5ef55
	allow $1 ifplugd_t:process signal;
Chris PeBenito a5ef55
')
Chris PeBenito a5ef55
Chris PeBenito a5ef55
########################################
Chris PeBenito a5ef55
## <summary>
Chris PeBenito a5ef55
##	Read ifplugd etc configuration files.
Chris PeBenito a5ef55
## </summary>
Chris PeBenito a5ef55
## <param name="domain">
Chris PeBenito a5ef55
##	<summary>
Chris PeBenito a5ef55
##	Domain allowed access.
Chris PeBenito a5ef55
##	</summary>
Chris PeBenito a5ef55
## </param>
Chris PeBenito a5ef55
#
Chris PeBenito a5ef55
interface(`ifplugd_read_config',`
Chris PeBenito a5ef55
	gen_require(`
Chris PeBenito a5ef55
		type ifplugd_etc_t;
Chris PeBenito a5ef55
	')
Chris PeBenito a5ef55
Chris PeBenito a5ef55
	files_search_etc($1)
Chris PeBenito a5ef55
	read_files_pattern($1, ifplugd_etc_t, ifplugd_etc_t)
Chris PeBenito a5ef55
')
Chris PeBenito a5ef55
Chris PeBenito a5ef55
########################################
Chris PeBenito a5ef55
## <summary>
Chris PeBenito a5ef55
##	Manage ifplugd etc configuration files.
Chris PeBenito a5ef55
## </summary>
Chris PeBenito a5ef55
## <param name="domain">
Chris PeBenito a5ef55
##	<summary>
Chris PeBenito a5ef55
##	Domain allowed access.
Chris PeBenito a5ef55
##	</summary>
Chris PeBenito a5ef55
## </param>
Chris PeBenito a5ef55
#
Chris PeBenito a5ef55
interface(`ifplugd_manage_config',`
Chris PeBenito a5ef55
	gen_require(`
Chris PeBenito a5ef55
		type ifplugd_etc_t;
Chris PeBenito a5ef55
	')
Chris PeBenito a5ef55
Chris PeBenito a5ef55
	files_search_etc($1)
Chris PeBenito a5ef55
	manage_dirs_pattern($1, ifplugd_etc_t, ifplugd_etc_t)
Chris PeBenito a5ef55
	manage_files_pattern($1, ifplugd_etc_t, ifplugd_etc_t)
Chris PeBenito a5ef55
')
Chris PeBenito a5ef55
Chris PeBenito a5ef55
########################################
Chris PeBenito a5ef55
## <summary>
Chris PeBenito a5ef55
##	Read ifplugd PID files.
Chris PeBenito a5ef55
## </summary>
Chris PeBenito a5ef55
## <param name="domain">
Chris PeBenito a5ef55
##	<summary>
Chris PeBenito a5ef55
##	Domain allowed access.
Chris PeBenito a5ef55
##	</summary>
Chris PeBenito a5ef55
## </param>
Chris PeBenito a5ef55
#
Chris PeBenito a5ef55
interface(`ifplugd_read_pid_files',`
Chris PeBenito a5ef55
	gen_require(`
Chris PeBenito a5ef55
		type ifplugd_var_run_t;
Chris PeBenito a5ef55
	')
Chris PeBenito a5ef55
Chris PeBenito a5ef55
	files_search_pids($1)
Chris PeBenito a5ef55
	allow $1 ifplugd_var_run_t:file read_file_perms;
Chris PeBenito a5ef55
')
Chris PeBenito a5ef55
Chris PeBenito a5ef55
########################################
Chris PeBenito a5ef55
## <summary>
Chris PeBenito a5ef55
##	All of the rules required to administrate 
Chris PeBenito a5ef55
##	an ifplugd environment
Chris PeBenito a5ef55
## </summary>
Chris PeBenito a5ef55
## <param name="domain">
Chris PeBenito a5ef55
##	<summary>
Chris PeBenito a5ef55
##	Domain allowed access.
Chris PeBenito a5ef55
##	</summary>
Chris PeBenito a5ef55
## </param>
Chris PeBenito a5ef55
## <param name="role">
Chris PeBenito a5ef55
##	<summary>
Chris PeBenito a5ef55
##	The role to be allowed to manage the ifplugd domain.
Chris PeBenito a5ef55
##	</summary>
Chris PeBenito a5ef55
## </param>
Chris PeBenito a5ef55
## <rolecap/>
Chris PeBenito a5ef55
#
Chris PeBenito a5ef55
interface(`ifplugd_admin',`
Chris PeBenito a5ef55
	gen_require(`
Chris PeBenito a5ef55
		type ifplugd_t, ifplugd_etc_t;
Chris PeBenito a5ef55
		type ifplugd_var_run_t, ifplugd_initrc_exec_t;
Chris PeBenito a5ef55
	')
Chris PeBenito a5ef55
Chris PeBenito a5ef55
	allow $1 ifplugd_t:process { ptrace signal_perms };
Chris PeBenito a5ef55
	ps_process_pattern($1, ifplugd_t)
Chris PeBenito a5ef55
Chris PeBenito a5ef55
	init_labeled_script_domtrans($1, ifplugd_initrc_exec_t)
Chris PeBenito a5ef55
	domain_system_change_exemption($1)
Chris PeBenito a5ef55
	role_transition $2 ifplugd_initrc_exec_t system_r;
Chris PeBenito a5ef55
	allow $2 system_r;
Chris PeBenito a5ef55
Chris PeBenito a5ef55
	files_list_etc($1)
Chris PeBenito a5ef55
	admin_pattern($1, ifplugd_etc_t)
Chris PeBenito a5ef55
Chris PeBenito a5ef55
	files_list_pids($1)
Chris PeBenito a5ef55
	admin_pattern($1, ifplugd_var_run_t)
Chris PeBenito a5ef55
')