## Likewise Active Directory support for UNIX. ## ##

## Likewise Open is a free, open source application that joins Linux, Unix, ## and Mac machines to Microsoft Active Directory to securely authenticate ## users with their domain credentials. ##

##
####################################### ## ## The template to define a likewise domain. ## ## ##

## This template creates a domain to be used for ## a new likewise daemon. ##

##
## ## ## The type of daemon to be used. ## ## # template(`likewise_domain_template',` gen_require(` attribute likewise_domains; type likewise_var_lib_t; ') ######################################## # # Declarations # type $1_t; type $1_exec_t; init_daemon_domain($1_t, $1_exec_t) domain_use_interactive_fds($1_t) typeattribute $1_t likewise_domains; type $1_var_run_t; files_pid_file($1_var_run_t) type $1_var_socket_t; files_type($1_var_socket_t) type $1_var_lib_t; files_type($1_var_lib_t) #################################### # # Local Policy # allow $1_t self:process { signal_perms getsched setsched }; allow $1_t self:fifo_file rw_fifo_file_perms; allow $1_t self:unix_dgram_socket create_socket_perms; allow $1_t self:unix_stream_socket create_stream_socket_perms; allow $1_t self:tcp_socket create_stream_socket_perms; allow $1_t self:udp_socket create_socket_perms; allow $1_t likewise_var_lib_t:dir setattr_dir_perms; manage_files_pattern($1_t, $1_var_run_t, $1_var_run_t) files_pid_filetrans($1_t, $1_var_run_t, file) manage_files_pattern($1_t, likewise_var_lib_t, $1_var_lib_t) filetrans_pattern($1_t, likewise_var_lib_t, $1_var_lib_t, file) manage_sock_files_pattern($1_t, likewise_var_lib_t, $1_var_socket_t) filetrans_pattern($1_t, likewise_var_lib_t, $1_var_socket_t, sock_file) dev_read_rand($1_t) dev_read_urand($1_t) files_read_etc_files($1_t) files_search_var_lib($1_t) logging_send_syslog_msg($1_t) miscfiles_read_localization($1_t) ') ######################################## ## ## Connect to lsassd. ## ## ## ## Domain allowed access. ## ## # interface(`likewise_stream_connect_lsassd',` gen_require(` type likewise_var_lib_t, lsassd_var_socket_t, lsassd_t; ') files_search_pids($1) stream_connect_pattern($1, likewise_var_lib_t, lsassd_var_socket_t, lsassd_t) ')