|
Chris PeBenito |
2705f9 |
#
|
|
Chris PeBenito |
2705f9 |
# GNOME VFS daemon
|
|
Chris PeBenito |
2705f9 |
#
|
|
Chris PeBenito |
2705f9 |
# Author: Ivan Gyurdiev <ivg2@cornell.edu>
|
|
Chris PeBenito |
2705f9 |
#
|
|
Chris PeBenito |
2705f9 |
|
|
Chris PeBenito |
2705f9 |
#######################################
|
|
Chris PeBenito |
2705f9 |
# gnome_vfs_domain(role_prefix)
|
|
Chris PeBenito |
2705f9 |
#
|
|
Chris PeBenito |
2705f9 |
|
|
Chris PeBenito |
2705f9 |
define(`gnome_vfs_domain', `
|
|
Chris PeBenito |
2705f9 |
|
|
Chris PeBenito |
2705f9 |
# Type for daemon
|
|
Chris PeBenito |
2705f9 |
type $1_gnome_vfs_t, domain, nscd_client_domain;
|
|
Chris PeBenito |
2705f9 |
|
|
Chris PeBenito |
2705f9 |
# GNOME, dbus
|
|
Chris PeBenito |
2705f9 |
gnome_application($1_gnome_vfs, $1)
|
|
Chris PeBenito |
2705f9 |
dbusd_client(system, $1_gnome_vfs)
|
|
Chris PeBenito |
2705f9 |
allow $1_gnome_vfs_t system_dbusd_t:dbus send_msg;
|
|
Chris PeBenito |
2705f9 |
ifdef(`hald.te', `
|
|
Chris PeBenito |
2705f9 |
allow $1_gnome_vfs_t hald_t:dbus send_msg;
|
|
Chris PeBenito |
2705f9 |
allow hald_t $1_gnome_vfs_t:dbus send_msg;
|
|
Chris PeBenito |
2705f9 |
')
|
|
Chris PeBenito |
2705f9 |
|
|
Chris PeBenito |
2705f9 |
# Transition from user type
|
|
Chris PeBenito |
2705f9 |
domain_auto_trans($1_t, gnome_vfs_exec_t, $1_gnome_vfs_t)
|
|
Chris PeBenito |
2705f9 |
role $1_r types $1_gnome_vfs_t;
|
|
Chris PeBenito |
2705f9 |
|
|
Chris PeBenito |
2705f9 |
# Stat top level directories on mount_points (check free space?)
|
|
Chris PeBenito |
2705f9 |
allow $1_gnome_vfs_t { fs_type default_t boot_t home_root_t device_t }:dir getattr;
|
|
Chris PeBenito |
2705f9 |
|
|
Chris PeBenito |
2705f9 |
# Search path to /home (??)
|
|
Chris PeBenito |
2705f9 |
allow $1_gnome_vfs_t home_root_t:dir search;
|
|
Chris PeBenito |
2705f9 |
allow $1_gnome_vfs_t $1_home_dir_t:dir search;
|
|
Chris PeBenito |
2705f9 |
|
|
Chris PeBenito |
2705f9 |
# Search path to rpc_pipefs mount point (??)
|
|
Chris PeBenito |
2705f9 |
allow $1_gnome_vfs_t var_lib_nfs_t:dir search;
|
|
Chris PeBenito |
2705f9 |
allow $1_gnome_vfs_t var_lib_t:dir search;
|
|
Chris PeBenito |
2705f9 |
|
|
Chris PeBenito |
2705f9 |
# Search libexec (??)
|
|
Chris PeBenito |
2705f9 |
allow $1_gnome_vfs_t bin_t:dir search;
|
|
Chris PeBenito |
2705f9 |
can_exec($1_gnome_vfs_t, bin_t)
|
|
Chris PeBenito |
2705f9 |
|
|
Chris PeBenito |
2705f9 |
') dnl gnome_vfs_domain
|
|
Chris PeBenito |
2705f9 |
|
|
Chris PeBenito |
2705f9 |
#####################################
|
|
Chris PeBenito |
2705f9 |
# gnome_vfs_client(prefix, role_prefix)
|
|
Chris PeBenito |
2705f9 |
#
|
|
Chris PeBenito |
2705f9 |
|
|
Chris PeBenito |
2705f9 |
define(`gnome_vfs_client', `
|
|
Chris PeBenito |
2705f9 |
|
|
Chris PeBenito |
2705f9 |
# Connect over bonobo
|
|
Chris PeBenito |
2705f9 |
bonobo_connect($1, $2_gnome_vfs)
|
|
Chris PeBenito |
2705f9 |
|
|
Chris PeBenito |
2705f9 |
') dnl gnome_vfs_client
|