2020-06-02 17:31:08 +02:00
|
|
|
|
2022-09-29 16:06:49 +02:00
|
|
|
## <summary>policy for rtorrent</summary>
|
2020-06-02 17:31:08 +02:00
|
|
|
|
|
|
|
|
########################################
|
|
|
|
|
## <summary>
|
2022-09-29 16:06:49 +02:00
|
|
|
## Execute rtorrent_exec_t in the rtorrent domain.
|
2020-06-02 17:31:08 +02:00
|
|
|
## </summary>
|
|
|
|
|
## <param name="domain">
|
2022-09-29 16:06:49 +02:00
|
|
|
## <summary>
|
2020-06-02 17:31:08 +02:00
|
|
|
## Domain allowed to transition.
|
2022-09-29 16:06:49 +02:00
|
|
|
## </summary>
|
2020-06-02 17:31:08 +02:00
|
|
|
## </param>
|
|
|
|
|
#
|
|
|
|
|
interface(`rtorrent_domtrans',`
|
|
|
|
|
gen_require(`
|
|
|
|
|
type rtorrent_t, rtorrent_exec_t;
|
|
|
|
|
')
|
|
|
|
|
|
2022-09-29 16:06:49 +02:00
|
|
|
corecmd_search_bin($1)
|
2020-06-02 17:31:08 +02:00
|
|
|
domtrans_pattern($1, rtorrent_exec_t, rtorrent_t)
|
|
|
|
|
')
|
|
|
|
|
|
|
|
|
|
######################################
|
|
|
|
|
## <summary>
|
2022-09-29 16:06:49 +02:00
|
|
|
## Execute rtorrent in the caller domain.
|
2020-06-02 17:31:08 +02:00
|
|
|
## </summary>
|
|
|
|
|
## <param name="domain">
|
|
|
|
|
## <summary>
|
|
|
|
|
## Domain allowed access.
|
|
|
|
|
## </summary>
|
|
|
|
|
## </param>
|
|
|
|
|
#
|
|
|
|
|
interface(`rtorrent_exec',`
|
|
|
|
|
gen_require(`
|
|
|
|
|
type rtorrent_exec_t;
|
|
|
|
|
')
|
|
|
|
|
|
|
|
|
|
corecmd_search_bin($1)
|
|
|
|
|
can_exec($1, rtorrent_exec_t)
|
|
|
|
|
')
|
|
|
|
|
|
2022-09-29 16:06:49 +02:00
|
|
|
########################################
|
2020-06-02 17:31:08 +02:00
|
|
|
## <summary>
|
2022-09-29 16:06:49 +02:00
|
|
|
## Execute rtorrent in the rtorrent domain, and
|
|
|
|
|
## allow the specified role the rtorrent domain.
|
2020-06-02 17:31:08 +02:00
|
|
|
## </summary>
|
|
|
|
|
## <param name="domain">
|
2022-09-29 16:06:49 +02:00
|
|
|
## <summary>
|
|
|
|
|
## Domain allowed to transition
|
|
|
|
|
## </summary>
|
|
|
|
|
## </param>
|
|
|
|
|
## <param name="role">
|
|
|
|
|
## <summary>
|
|
|
|
|
## The role to be allowed the rtorrent domain.
|
|
|
|
|
## </summary>
|
2020-06-02 17:31:08 +02:00
|
|
|
## </param>
|
|
|
|
|
#
|
2022-09-29 16:06:49 +02:00
|
|
|
interface(`rtorrent_run',`
|
|
|
|
|
gen_require(`
|
|
|
|
|
type rtorrent_t;
|
|
|
|
|
attribute_role rtorrent_roles;
|
|
|
|
|
')
|
2020-06-02 17:31:08 +02:00
|
|
|
|
2022-09-29 16:06:49 +02:00
|
|
|
rtorrent_domtrans($1)
|
|
|
|
|
roleattribute $2 rtorrent_roles;
|
2020-06-02 17:31:08 +02:00
|
|
|
')
|
|
|
|
|
|
|
|
|
|
########################################
|
|
|
|
|
## <summary>
|
2022-09-29 16:06:49 +02:00
|
|
|
## Role access for rtorrent
|
2020-06-02 17:31:08 +02:00
|
|
|
## </summary>
|
2022-09-29 16:06:49 +02:00
|
|
|
## <param name="role">
|
|
|
|
|
## <summary>
|
|
|
|
|
## Role allowed access
|
|
|
|
|
## </summary>
|
|
|
|
|
## </param>
|
2020-06-02 17:31:08 +02:00
|
|
|
## <param name="domain">
|
|
|
|
|
## <summary>
|
2022-09-29 16:06:49 +02:00
|
|
|
## User domain for the role
|
2020-06-02 17:31:08 +02:00
|
|
|
## </summary>
|
|
|
|
|
## </param>
|
|
|
|
|
#
|
2022-09-29 16:06:49 +02:00
|
|
|
interface(`rtorrent_role',`
|
2020-06-02 17:31:08 +02:00
|
|
|
gen_require(`
|
|
|
|
|
type rtorrent_t;
|
2022-09-29 16:06:49 +02:00
|
|
|
attribute_role rtorrent_roles;
|
2020-06-02 17:31:08 +02:00
|
|
|
')
|
|
|
|
|
|
2022-09-29 16:06:49 +02:00
|
|
|
roleattribute $1 rtorrent_roles;
|
|
|
|
|
|
|
|
|
|
rtorrent_domtrans($2)
|
|
|
|
|
|
|
|
|
|
ps_process_pattern($2, rtorrent_t)
|
|
|
|
|
allow $2 rtorrent_t:process { signull signal sigkill };
|
2020-06-02 17:31:08 +02:00
|
|
|
')
|
