Oreon-Lime-R2/selinux-policy/selinux-policy-bc228bd/selinux-policy-bc228bd0c249a9e4aa3dcf238c2b1bb138943b07/policy/modules/contrib/zosremote.if

48 lines
989 B
Text
Raw Normal View History

## <summary>z/OS Remote-services Audit dispatcher plugin.</summary>
########################################
## <summary>
## Execute a domain transition to run audispd-zos-remote.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed to transition.
## </summary>
## </param>
#
interface(`zosremote_domtrans',`
gen_require(`
type zos_remote_t, zos_remote_exec_t;
')
corecmd_search_bin($1)
domtrans_pattern($1, zos_remote_exec_t, zos_remote_t)
')
########################################
## <summary>
## Execute zos remote in the zos remote
## domain, and allow the specified role
## the zos remote domain.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
## <summary>
## Role allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`zosremote_run',`
gen_require(`
attribute_role zos_remote_roles;
')
zosremote_domtrans($1)
roleattribute $2 zos_remote_roles;
')