Chris PeBenito 17de1b
## <summary>ucspitcp policy</summary>
Chris PeBenito 17de1b
## <desc>
Chris PeBenito 0bfccd
##	

Chris PeBenito 0bfccd
##	Policy for DJB's ucspi-tcpd
Chris PeBenito 0bfccd
##	

Chris PeBenito 17de1b
## </desc>
Chris PeBenito 17de1b
Chris PeBenito 17de1b
########################################
Chris PeBenito 17de1b
## <summary>
Chris PeBenito ff8f0a
##	Define a specified domain as a ucspitcp service.
Chris PeBenito 17de1b
## </summary>
Chris PeBenito 17de1b
## <param name="domain">
Chris PeBenito 17de1b
##	<summary>
Chris PeBenito ff8f0a
##	Domain allowed access.
Chris PeBenito 17de1b
##	</summary>
Chris PeBenito 17de1b
## </param>
Chris PeBenito 17de1b
## <param name="entrypoint">
Chris PeBenito 17de1b
##	<summary>
Chris PeBenito ff8f0a
##	The type associated with the process program.
Chris PeBenito 17de1b
##	</summary>
Chris PeBenito 17de1b
## </param>
Chris PeBenito 17de1b
#
Chris PeBenito 17de1b
interface(`ucspitcp_service_domain', `
Chris PeBenito 17de1b
	gen_require(`
Chris PeBenito 17de1b
		type ucspitcp_t;
Chris PeBenito 17de1b
		role system_r;
Chris PeBenito 17de1b
	')
Chris PeBenito 17de1b
Chris PeBenito 17de1b
	domain_type($1)
Chris PeBenito 0bfccd
	domain_entry_file($1, $2)
Chris PeBenito 17de1b
Chris PeBenito 17de1b
	role system_r types $1;
Chris PeBenito 17de1b
Chris PeBenito 17de1b
	domain_auto_trans(ucspitcp_t, $2, $1)
Chris PeBenito 17de1b
	allow $1 ucspitcp_t:fd use;
Chris PeBenito 17de1b
	allow $1 ucspitcp_t:process sigchld;
Chris PeBenito 17de1b
	allow $1 ucspitcp_t:tcp_socket rw_stream_socket_perms;
Chris PeBenito 17de1b
')