Blob Blame History Raw
## <summary>Pyzor is a distributed, collaborative spam detection and filtering network.</summary>

########################################
## <summary>
##	Execute pyzor with a domain transition.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`pyzor_domtrans',`
	gen_require(`
		type pyzor_exec_t, pyzor_t;
	')

	files_search_usr($1)
	corecmd_search_bin($1)
	domtrans_pattern($1,pyzor_exec_t,pyzor_t)
')

########################################
## <summary>
##	Execute pyzor in the caller domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`pyzor_exec',`
	gen_require(`
		type pyzor_exec_t;
	')

	files_search_usr($1)
	corecmd_search_bin($1)
	can_exec($1,pyzor_exec_t)
')

#######################################
## <summary>
##	The per role template for the pyzor module.
## </summary>
## <desc>
##	<p>
##	This template allows pyzor to manage files in
##	a user home directory, creating files with the
##	correct type.
##	</p>
##	<p>
##	This template is invoked automatically for each user, and
##	generally does not need to be invoked directly
##	by policy writers.
##	</p>
## </desc>
## <param name="userdomain_prefix">
##	<summary>
##	The prefix of the user domain (e.g., user
##	is the prefix for user_t).
##	</summary>
## </param>
#
template(`pyzor_per_role_template',`
	gen_require(`
		type pyzord_t;
	')

	type $1_pyzor_home_t;
	userdom_user_home_content($1,$1_pyzor_home_t)

	manage_dirs_pattern(pyzord_t,$1_pyzor_home_t,$1_pyzor_home_t)
	manage_files_pattern(pyzord_t,$1_pyzor_home_t,$1_pyzor_home_t)
	manage_lnk_files_pattern(pyzord_t,$1_pyzor_home_t,$1_pyzor_home_t)
	userdom_search_user_home_dirs($1,pyzord_t)
	userdom_user_home_dir_filetrans($1,pyzord_t,$1_pyzor_home_t,{ dir file lnk_file })
')