From: sven.vermeulen@siphos.be (Sven Vermeulen)
Date: Mon, 26 Mar 2012 20:50:26 +0200
Subject: [refpolicy] [PATCH 4/5] Add interfaces to manage attributes of
 asterisk log and pid files
In-Reply-To: <20120326184827.GA24792@siphos.be>
References: <20120326184827.GA24792@siphos.be>
Message-ID: <20120326185026.GE24792@siphos.be>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com



Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
---
 asterisk.if |   43 +++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 43 insertions(+), 0 deletions(-)

diff --git a/asterisk.if b/asterisk.if
index 8b8143e..bd6273f 100644
--- a/asterisk.if
+++ b/asterisk.if
@@ -90,3 +90,46 @@ interface(`asterisk_admin',`
 	files_list_pids($1)
 	admin_pattern($1, asterisk_var_run_t)
 ')
+
+#######################################
+## <summary>
+##   Allow changing the attributes of the asterisk log files and directories
+## </summary>
+## <param name="domain">
+##   <summary>
+##     Domain allowed to change the attributes of the asterisk log files and
+##     directories
+##   </summary>
+## </param>
+#
+interface(`asterisk_setattr_logs',`
+	gen_require(`
+		type asterisk_log_t;
+	')
+
+	setattr_files_pattern($1, asterisk_log_t, asterisk_log_t)
+	setattr_dirs_pattern($1, asterisk_log_t, asterisk_log_t)
+
+	logging_search_logs($1)
+')
+
+#######################################
+## <summary>
+##   Allow changing the attributes of the asterisk PID files
+## </summary>
+## <param name="domain">
+##   <summary>
+##     Domain allowed to change the attributes of the asterisk PID files
+##   </summary>
+## </param>
+#
+interface(`asterisk_setattr_pid_files',`
+	gen_require(`
+		type asterisk_var_run_t;
+	')
+
+	setattr_files_pattern($1, asterisk_var_run_t, asterisk_var_run_t)
+	setattr_dirs_pattern($1, asterisk_var_run_t, asterisk_var_run_t)
+
+	files_search_pids($1)
+')
-- 
1.7.3.4