Blame strict/domains/program/alsa.te
|
Chris PeBenito |
2705f9 |
#DESC ainit - configuration tool for ALSA
|
|
Chris PeBenito |
2705f9 |
#
|
|
Chris PeBenito |
2705f9 |
# Author: Dan Walsh <dwalsh@redhat.com>
|
|
Chris PeBenito |
2705f9 |
#
|
|
Chris PeBenito |
2705f9 |
#
|
|
Chris PeBenito |
2705f9 |
type alsa_t, domain, privlog, daemon;
|
|
Chris PeBenito |
2705f9 |
type alsa_exec_t, file_type, sysadmfile, exec_type;
|
|
Chris PeBenito |
2705f9 |
uses_shlib(alsa_t)
|
|
Chris PeBenito |
f721a4 |
allow alsa_t { unpriv_userdomain self }:sem create_sem_perms;
|
|
Chris PeBenito |
f721a4 |
allow alsa_t { unpriv_userdomain self }:shm create_shm_perms;
|
|
Chris PeBenito |
2705f9 |
allow alsa_t self:unix_stream_socket create_stream_socket_perms;
|
|
Chris PeBenito |
f721a4 |
allow alsa_t self:unix_dgram_socket create_socket_perms;
|
|
Chris PeBenito |
f721a4 |
allow unpriv_userdomain alsa_t:sem { unix_read unix_write associate read write };
|
|
Chris PeBenito |
f721a4 |
allow unpriv_userdomain alsa_t:shm { unix_read unix_write create_shm_perms };
|
|
Chris PeBenito |
f721a4 |
|
|
Chris PeBenito |
2705f9 |
type alsa_etc_rw_t, file_type, sysadmfile, usercanread;
|
|
Chris PeBenito |
2705f9 |
rw_dir_create_file(alsa_t,alsa_etc_rw_t)
|
|
Chris PeBenito |
2705f9 |
allow alsa_t self:capability { setgid setuid ipc_owner };
|
|
Chris PeBenito |
f721a4 |
dontaudit alsa_t self:capability sys_admin;
|
|
Chris PeBenito |
2705f9 |
allow alsa_t devpts_t:chr_file { read write };
|
|
Chris PeBenito |
2705f9 |
allow alsa_t etc_t:file { getattr read };
|
|
Chris PeBenito |
2705f9 |
domain_auto_trans(pam_console_t, alsa_exec_t, alsa_t)
|
|
Chris PeBenito |
f721a4 |
role system_r types alsa_t;
|
|
Chris PeBenito |
f721a4 |
read_locale(alsa_t)
|