From: cpebenito@tresys.com (Christopher J. PeBenito) Date: Fri, 20 Apr 2012 16:37:38 -0400 Subject: [refpolicy] [PATCH 4/5] Add interfaces to manage attributes of asterisk log and pid files In-Reply-To: <20120326185026.GE24792@siphos.be> References: <20120326184827.GA24792@siphos.be> <20120326185026.GE24792@siphos.be> Message-ID: <4F91C912.1070604@tresys.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 03/26/12 14:50, Sven Vermeulen wrote: > > > Signed-off-by: Sven Vermeulen > --- > asterisk.if | 43 +++++++++++++++++++++++++++++++++++++++++++ > 1 files changed, 43 insertions(+), 0 deletions(-) Merged. Fixed whitespace and rearranged interfaces. > diff --git a/asterisk.if b/asterisk.if > index 8b8143e..bd6273f 100644 > --- a/asterisk.if > +++ b/asterisk.if > @@ -90,3 +90,46 @@ interface(`asterisk_admin',` > files_list_pids($1) > admin_pattern($1, asterisk_var_run_t) > ') > + > +####################################### > +##

> +## Allow changing the attributes of the asterisk log files and directories > +##

> +## > +##

> +## Domain allowed to change the attributes of the asterisk log files and > +## directories > +##

> +## > +# > +interface(`asterisk_setattr_logs',` > + gen_require(` > + type asterisk_log_t; > + ') > + > + setattr_files_pattern($1, asterisk_log_t, asterisk_log_t) > + setattr_dirs_pattern($1, asterisk_log_t, asterisk_log_t) > + > + logging_search_logs($1) > +') > + > +####################################### > +##

> +## Allow changing the attributes of the asterisk PID files > +##

> +## > +##

> +## Domain allowed to change the attributes of the asterisk PID files > +##

> +## > +# > +interface(`asterisk_setattr_pid_files',` > + gen_require(` > + type asterisk_var_run_t; > + ') > + > + setattr_files_pattern($1, asterisk_var_run_t, asterisk_var_run_t) > + setattr_dirs_pattern($1, asterisk_var_run_t, asterisk_var_run_t) > + > + files_search_pids($1) > +') -- Chris PeBenito Tresys Technology, LLC www.tresys.com | oss.tresys.com