#DESC uptimed - a uptime daemon
#
# Author:  Carsten Grohmann <carsten@securityenhancedlinux.de>
#
# Date:  19. June 2003 
#

#################################
#
# General Types
#

type uptimed_spool_t, file_type, sysadmfile;

#################################
#
# Rules for the uptimed_t domain.
#
daemon_domain(uptimed, `,privmail')
etc_domain(uptimed)
typealias uptimed_etc_t alias etc_uptimed_t;
file_type_auto_trans(uptimed_t, var_spool_t, uptimed_spool_t)
allow uptimed_t proc_t:file { getattr read };
read_locale(uptimed_t)
allow uptimed_t uptimed_spool_t:file create_file_perms;
allow uptimed_t self:unix_dgram_socket create_socket_perms;

# to send mail
can_exec(uptimed_t, shell_exec_t)
allow uptimed_t { bin_t sbin_t }:dir search;
allow uptimed_t bin_t:lnk_file read;
allow uptimed_t etc_runtime_t:file { getattr read };
allow uptimed_t self:fifo_file { getattr write };

# rules for uprecords - it runs in the user context
allow userdomain uptimed_spool_t:dir search;
allow userdomain uptimed_spool_t:file { getattr read };