|
Dominick Grift |
3330fbd |
## <summary>Advanced Linux Sound Architecture utilities.</summary>
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
########################################
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Dominick Grift |
d476856 |
## Role access for alsa.
|
|
Dominick Grift |
d476856 |
## </summary>
|
|
Dominick Grift |
d476856 |
## <param name="role">
|
|
Dominick Grift |
d476856 |
## <summary>
|
|
Dominick Grift |
d476856 |
## Role allowed access.
|
|
Dominick Grift |
d476856 |
## </summary>
|
|
Dominick Grift |
d476856 |
## </param>
|
|
Dominick Grift |
d476856 |
## <param name="domain">
|
|
Dominick Grift |
d476856 |
## <summary>
|
|
Dominick Grift |
d476856 |
## User domain for the role.
|
|
Dominick Grift |
d476856 |
## </summary>
|
|
Dominick Grift |
d476856 |
## </param>
|
|
Dominick Grift |
d476856 |
#
|
|
Dominick Grift |
d476856 |
template(`alsa_role',`
|
|
Dominick Grift |
e31c5ec |
refpolicywarn(`$0($*) has been deprecated')
|
|
Dominick Grift |
d476856 |
')
|
|
 |
1ec3d1a |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Execute a domain transition to run Alsa.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed to transition.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`alsa_domtrans',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type alsa_t, alsa_exec_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
corecmd_search_bin($1)
|
|
|
1ec3d1a |
domtrans_pattern($1, alsa_exec_t, alsa_t)
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Execute a domain transition to run
|
|
|
1ec3d1a |
## Alsa, and allow the specified role
|
|
|
1ec3d1a |
## the Alsa domain.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed to transition.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
## <param name="role">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Role allowed access.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`alsa_run',`
|
|
|
1ec3d1a |
gen_require(`
|
|
Dominick Grift |
3330fbd |
attribute_role alsa_roles;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
alsa_domtrans($1)
|
|
Dominick Grift |
3330fbd |
roleattribute $2 alsa_roles;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Read and write Alsa semaphores.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed access.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`alsa_rw_semaphores',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type alsa_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
allow $1 alsa_t:sem rw_sem_perms;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Read and write Alsa shared memory.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed access.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`alsa_rw_shared_mem',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type alsa_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
allow $1 alsa_t:shm rw_shm_perms;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
## <summary>
|
|
Dominick Grift |
3330fbd |
## Read writable Alsa configuration content.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed access.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`alsa_read_rw_config',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type alsa_etc_rw_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
files_search_etc($1)
|
|
|
1ec3d1a |
allow $1 alsa_etc_rw_t:dir list_dir_perms;
|
|
|
1ec3d1a |
read_files_pattern($1, alsa_etc_rw_t, alsa_etc_rw_t)
|
|
|
1ec3d1a |
read_lnk_files_pattern($1, alsa_etc_rw_t, alsa_etc_rw_t)
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
ifdef(`distro_debian',`
|
|
|
1ec3d1a |
files_search_usr($1)
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Manage writable Alsa config files.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed access.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`alsa_manage_rw_config',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type alsa_etc_rw_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
files_search_etc($1)
|
|
|
1ec3d1a |
allow $1 alsa_etc_rw_t:dir list_dir_perms;
|
|
|
1ec3d1a |
manage_files_pattern($1, alsa_etc_rw_t, alsa_etc_rw_t)
|
|
|
1ec3d1a |
read_lnk_files_pattern($1, alsa_etc_rw_t, alsa_etc_rw_t)
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
ifdef(`distro_debian',`
|
|
|
1ec3d1a |
files_search_usr($1)
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
## <summary>
|
|
Dominick Grift |
e31c5ec |
## Create, read, write, and delete
|
|
Dominick Grift |
e31c5ec |
## alsa home files.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed access.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`alsa_manage_home_files',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type alsa_home_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
userdom_search_user_home_dirs($1)
|
|
|
1ec3d1a |
allow $1 alsa_home_t:file manage_file_perms;
|
|
|
0d0408c |
alsa_filetrans_home_content($1)
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Read Alsa home files.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed access.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`alsa_read_home_files',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type alsa_home_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
userdom_search_user_home_dirs($1)
|
|
|
1ec3d1a |
allow $1 alsa_home_t:file read_file_perms;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Relabel alsa home files.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed access.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`alsa_relabel_home_files',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type alsa_home_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
userdom_search_user_home_dirs($1)
|
|
|
1ec3d1a |
allow $1 alsa_home_t:file relabel_file_perms;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
## <summary>
|
|
Dominick Grift |
e31c5ec |
## Create objects in user home
|
|
Dominick Grift |
e31c5ec |
## directories with the generic alsa
|
|
Dominick Grift |
e31c5ec |
## home type.
|
|
Dominick Grift |
e31c5ec |
## </summary>
|
|
Dominick Grift |
e31c5ec |
## <param name="domain">
|
|
Dominick Grift |
e31c5ec |
## <summary>
|
|
Dominick Grift |
e31c5ec |
## Domain allowed access.
|
|
Dominick Grift |
e31c5ec |
## </summary>
|
|
Dominick Grift |
e31c5ec |
## </param>
|
|
Dominick Grift |
e31c5ec |
## <param name="object_class">
|
|
Dominick Grift |
e31c5ec |
## <summary>
|
|
Dominick Grift |
e31c5ec |
## Class of the object being created.
|
|
Dominick Grift |
e31c5ec |
## </summary>
|
|
Dominick Grift |
e31c5ec |
## </param>
|
|
Dominick Grift |
e31c5ec |
## <param name="name" optional="true">
|
|
Dominick Grift |
e31c5ec |
## <summary>
|
|
Dominick Grift |
e31c5ec |
## The name of the object being created.
|
|
Dominick Grift |
e31c5ec |
## </summary>
|
|
Dominick Grift |
e31c5ec |
## </param>
|
|
Dominick Grift |
e31c5ec |
#
|
|
Dominick Grift |
e31c5ec |
interface(`alsa_home_filetrans_alsa_home',`
|
|
Dominick Grift |
e31c5ec |
gen_require(`
|
|
Dominick Grift |
e31c5ec |
type alsa_home_t;
|
|
Dominick Grift |
e31c5ec |
')
|
|
Dominick Grift |
e31c5ec |
|
|
Dominick Grift |
e31c5ec |
userdom_user_home_dir_filetrans($1, alsa_home_t, $2, $3)
|
|
Dominick Grift |
e31c5ec |
')
|
|
Dominick Grift |
e31c5ec |
|
|
Dominick Grift |
e31c5ec |
########################################
|
|
Dominick Grift |
e31c5ec |
## <summary>
|
|
|
1ec3d1a |
## Read Alsa lib files.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed access.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`alsa_read_lib',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type alsa_var_lib_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
files_search_var_lib($1)
|
|
|
1ec3d1a |
read_files_pattern($1, alsa_var_lib_t, alsa_var_lib_t)
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Transition to alsa named content
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed access.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`alsa_filetrans_home_content',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type alsa_home_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
userdom_user_home_dir_filetrans($1, alsa_home_t, file, ".asoundrc")
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Transition to alsa named content
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed access.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`alsa_filetrans_named_content',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type alsa_home_t;
|
|
|
1ec3d1a |
type alsa_etc_rw_t;
|
|
|
1ec3d1a |
type alsa_var_lib_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
files_etc_filetrans($1, alsa_etc_rw_t, file, "asound.state")
|
|
|
1ec3d1a |
files_etc_filetrans($1, alsa_etc_rw_t, dir, "pcm")
|
|
|
1ec3d1a |
files_etc_filetrans($1, alsa_etc_rw_t, dir, "asound")
|
|
|
1ec3d1a |
files_usr_filetrans($1, alsa_etc_rw_t, file, "alsa.conf")
|
|
|
1ec3d1a |
files_usr_filetrans($1, alsa_etc_rw_t, dir, "pcm")
|
|
|
1ec3d1a |
files_var_lib_filetrans($1, alsa_var_lib_t, dir, "alsa")
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Execute alsa server in the alsa domain.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed to transition.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`alsa_systemctl',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type alsa_t;
|
|
|
1ec3d1a |
type alsa_unit_file_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
systemd_exec_systemctl($1)
|
|
|
1ec3d1a |
allow $1 alsa_unit_file_t:file read_file_perms;
|
|
|
1ec3d1a |
allow $1 alsa_unit_file_t:service manage_service_perms;
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
ps_process_pattern($1, alsa_t)
|
|
|
1ec3d1a |
')
|