30 lines
678 B
Plaintext
30 lines
678 B
Plaintext
|
policy_module(tabrmd, 0.0.2)
|
||
|
|
||
|
########################################
|
||
|
#
|
||
|
# Declarations
|
||
|
#
|
||
|
|
||
|
gen_tunable(`tabrmd_connect_all_unreserved', false)
|
||
|
|
||
|
type tabrmd_t;
|
||
|
type tabrmd_exec_t;
|
||
|
init_daemon_domain(tabrmd_t, tabrmd_exec_t)
|
||
|
|
||
|
allow tabrmd_t self:unix_dgram_socket { create_socket_perms };
|
||
|
|
||
|
dev_rw_tpm(tabrmd_t)
|
||
|
logging_send_syslog_msg(tabrmd_t)
|
||
|
sysnet_dns_name_resolve(tabrmd_t)
|
||
|
|
||
|
optional_policy(`
|
||
|
dbus_stub()
|
||
|
dbus_system_domain(tabrmd_t, tabrmd_exec_t)
|
||
|
allow system_dbusd_t tabrmd_t:unix_stream_socket rw_stream_socket_perms;
|
||
|
fwupd_dbus_chat(tabrmd_t)
|
||
|
')
|
||
|
|
||
|
tunable_policy(`tabrmd_connect_all_unreserved',`
|
||
|
corenet_tcp_connect_all_unreserved_ports(tabrmd_t)
|
||
|
')
|