## <summary>ucspitcp policy</summary>

## <desc>

##      

##              Policy for DJB's ucspi-tcpd

##      

## </desc>

########################################

## <summary>

##      Define a specified domain as a ucspitcp service.

## </summary>

## <param name="domain">

##      Domain allowed access.

## </param>

## <param name="entrypoint">

##      The type associated with the process program.

## </param>

#

interface(`ucspitcp_service_domain', `

	gen_require(`

		type ucspitcp_t;

		role system_r;

	')

	domain_type($1)

	domain_entry_file($1,$2)

	role system_r types $1;

	domain_auto_trans(ucspitcp_t, $2, $1)

	allow $1 ucspitcp_t:fd use;

	allow $1 ucspitcp_t:process sigchld;

	allow $1 ucspitcp_t:tcp_socket rw_stream_socket_perms;

')