## Ainit ALSA configuration tool.
########################################
##
## Execute a domain transition to run Alsa.
##
##
##
## Domain allowed to transition.
##
##
#
interface(`alsa_domtrans',`
gen_require(`
type alsa_t, alsa_exec_t;
')
corecmd_search_bin($1)
domtrans_pattern($1, alsa_exec_t, alsa_t)
')
########################################
##
## Execute a domain transition to run
## Alsa, and allow the specified role
## the Alsa domain.
##
##
##
## Domain allowed to transition.
##
##
##
##
## Role allowed access.
##
##
#
interface(`alsa_run',`
gen_require(`
type alsa_t;
')
alsa_domtrans($1)
role $2 types alsa_t;
')
########################################
##
## Read and write Alsa semaphores.
##
##
##
## Domain allowed access.
##
##
#
interface(`alsa_rw_semaphores',`
gen_require(`
type alsa_t;
')
allow $1 alsa_t:sem rw_sem_perms;
')
########################################
##
## Read and write Alsa shared memory.
##
##
##
## Domain allowed access.
##
##
#
interface(`alsa_rw_shared_mem',`
gen_require(`
type alsa_t;
')
allow $1 alsa_t:shm rw_shm_perms;
')
########################################
##
## Read writable Alsa config files.
##
##
##
## Domain allowed access.
##
##
#
interface(`alsa_read_rw_config',`
gen_require(`
type alsa_etc_rw_t;
')
files_search_etc($1)
allow $1 alsa_etc_rw_t:dir list_dir_perms;
read_files_pattern($1, alsa_etc_rw_t, alsa_etc_rw_t)
read_lnk_files_pattern($1, alsa_etc_rw_t, alsa_etc_rw_t)
ifdef(`distro_debian',`
files_search_usr($1)
')
')
########################################
##
## Manage writable Alsa config files.
##
##
##
## Domain allowed access.
##
##
#
interface(`alsa_manage_rw_config',`
gen_require(`
type alsa_etc_rw_t;
')
files_search_etc($1)
allow $1 alsa_etc_rw_t:dir list_dir_perms;
manage_files_pattern($1, alsa_etc_rw_t, alsa_etc_rw_t)
read_lnk_files_pattern($1, alsa_etc_rw_t, alsa_etc_rw_t)
ifdef(`distro_debian',`
files_search_usr($1)
')
')
########################################
##
## Manage alsa home files.
##
##
##
## Domain allowed access.
##
##
#
interface(`alsa_manage_home_files',`
gen_require(`
type alsa_home_t;
')
userdom_search_user_home_dirs($1)
allow $1 alsa_home_t:file manage_file_perms;
')
########################################
##
## Read Alsa home files.
##
##
##
## Domain allowed access.
##
##
#
interface(`alsa_read_home_files',`
gen_require(`
type alsa_home_t;
')
userdom_search_user_home_dirs($1)
allow $1 alsa_home_t:file read_file_perms;
')
########################################
##
## Relabel alsa home files.
##
##
##
## Domain allowed access.
##
##
#
interface(`alsa_relabel_home_files',`
gen_require(`
type alsa_home_t;
')
userdom_search_user_home_dirs($1)
allow $1 alsa_home_t:file relabel_file_perms;
')
########################################
##
## Read Alsa lib files.
##
##
##
## Domain allowed access.
##
##
#
interface(`alsa_read_lib',`
gen_require(`
type alsa_var_lib_t;
')
files_search_var_lib($1)
read_files_pattern($1, alsa_var_lib_t, alsa_var_lib_t)
')