## NX remote desktop
########################################
##
## Transition to NX server.
##
##
##
## Domain allowed to transition.
##
##
#
interface(`nx_spec_domtrans_server',`
gen_require(`
type nx_server_t, nx_server_exec_t;
')
spec_domtrans_pattern($1, nx_server_exec_t, nx_server_t)
')
########################################
##
## Read nx home directory content
##
##
##
## Domain allowed access.
##
##
#
interface(`nx_read_home_files',`
gen_require(`
type nx_server_home_ssh_t, nx_server_var_lib_t;
')
allow $1 nx_server_var_lib_t:dir search_dir_perms;
read_files_pattern($1, nx_server_home_ssh_t, nx_server_home_ssh_t)
')
########################################
##
## Read nx /var/lib content
##
##
##
## Domain allowed access.
##
##
#
interface(`nx_search_var_lib',`
gen_require(`
type nx_server_var_lib_t;
')
allow $1 nx_server_var_lib_t:dir search_dir_perms;
')
########################################
##
## Create an object in the root directory, with a private
## type using a type transition.
##
##
##
## Domain allowed access.
##
##
##
##
## The type of the object to be created.
##
##
##
##
## The object class of the object being created.
##
##
#
interface(`nx_var_lib_filetrans',`
gen_require(`
type nx_server_var_lib_t;
')
filetrans_pattern($1, nx_server_var_lib_t, $2, $3)
')