#DESC Bluetooth 

#

# Authors:  Dan Walsh

# RH-Packages: Bluetooth

#

#################################

#

# Rules for the bluetooth_t domain.

#

daemon_domain(bluetooth)

file_type_auto_trans(bluetooth_t, var_run_t, bluetooth_var_run_t, sock_file)

tmp_domain(bluetooth)

# Use capabilities.

allow bluetooth_t self:capability { net_admin net_raw sys_tty_config };

rw_dir_create_file(bluetooth_t, var_lock_t)

# Use the network.

can_network_server(bluetooth_t)

can_ypbind(bluetooth_t)

ifdef(`dbusd.te', `

dbusd_client(system, bluetooth)

allow bluetooth_t system_dbusd_t:dbus send_msg;

')

allow bluetooth_t self:socket { create setopt ioctl bind listen };

allow bluetooth_t self:unix_dgram_socket create_socket_perms;

allow bluetooth_t self:unix_stream_socket create_stream_socket_perms;

dontaudit bluetooth_t sysadm_devpts_t:chr_file { read write };

# bluetooth_conf_t is the type of the /etc/bluetooth dir.

type bluetooth_conf_t, file_type, sysadmfile;

# Read /etc/bluetooth

allow bluetooth_t bluetooth_conf_t:dir search;

allow bluetooth_t bluetooth_conf_t:file { getattr read ioctl };

#/usr/sbin/hid2hci causes the following

allow initrc_t usbfs_t:file { read };