- new selinux pols

author: toni <matzeton@googlemail.com> 2014-11-24 19:05:36 +0100
committer: toni <matzeton@googlemail.com> 2014-11-24 19:05:36 +0100
commit: 587f4b1ae4aaccd5519083833e5f65b106904f51 (patch)
tree: cf1bbdf05a5e4447110738fc31114427bc1cc8eb /selinux_pols/pulse.te
parent: da31632e4c9dd01014477261d8e4486d70c993ac (diff)
1 files changed, 31 insertions, 1 deletions
diff --git a/selinux_pols/pulse.te b/selinux_pols/pulse.te
index 2c48f8b..6e7672d 100644
--- a/selinux_pols/pulse.te
+++ b/selinux_pols/pulse.te
@@ -1,4 +1,4 @@
-module pulse-custom 1.0;
+module pulse-custom 1.2;
 
 require {
 	type pulseaudio_t;
@@ -7,3 +7,33 @@ require {
 
 #============= pulseaudio_t ==============
 allow pulseaudio_t self:sem { read write unix_write };
+
+require {
+	type udev_tbl_t;
+	type pulseaudio_t;
+	class file { read getattr open };
+}
+
+#============= pulseaudio_t ==============
+allow pulseaudio_t udev_tbl_t:file { read getattr open };
+
+require {
+	type pulseaudio_t;
+	class sem destroy;
+}
+
+#============= pulseaudio_t ==============
+allow pulseaudio_t self:sem destroy;
+
+require {
+	type initrc_state_t;
+	type tmpfs_t;
+	type pulseaudio_t;
+	class sem { unix_read create getattr setattr associate };
+	class file { read write getattr open };
+}
+
+#============= pulseaudio_t ==============
+allow pulseaudio_t initrc_state_t:file { read getattr open };
+allow pulseaudio_t self:sem { unix_read create getattr setattr associate };
+allow pulseaudio_t tmpfs_t:file { read write };
author	toni <matzeton@googlemail.com>	2014-11-24 19:05:36 +0100
committer	toni <matzeton@googlemail.com>	2014-11-24 19:05:36 +0100
commit	587f4b1ae4aaccd5519083833e5f65b106904f51 (patch)
tree	cf1bbdf05a5e4447110738fc31114427bc1cc8eb /selinux_pols/pulse.te
parent	da31632e4c9dd01014477261d8e4486d70c993ac (diff)