| blob | b206866cc5eb4abc3075f8692637a7096d7f0b0e |
2 ## <summary>policy for bitcoin</summary>
5 ########################################
6 ## <summary>
7 ## Transition to bitcoin.
8 ## </summary>
9 ## <param name="domain">
10 ## <summary>
11 ## Domain allowed to transition.
12 ## </summary>
13 ## </param>
14 #
15 interface(`bitcoin_domtrans',`
16 gen_require(`
17 type bitcoin_t, bitcoin_exec_t;
18 ')
20 corecmd_search_bin($1)
21 domtrans_pattern($1, bitcoin_exec_t, bitcoin_t)
22 ')
25 ########################################
26 ## <summary>
27 ## Execute bitcoin server in the bitcoin domain.
28 ## </summary>
29 ## <param name="domain">
30 ## <summary>
31 ## Domain allowed access.
32 ## </summary>
33 ## </param>
34 #
35 interface(`bitcoin_initrc_domtrans',`
36 gen_require(`
37 type bitcoin_initrc_exec_t;
38 ')
40 init_labeled_script_domtrans($1, bitcoin_initrc_exec_t)
41 ')
44 ########################################
45 ## <summary>
46 ## Search bitcoin lib directories.
47 ## </summary>
48 ## <param name="domain">
49 ## <summary>
50 ## Domain allowed access.
51 ## </summary>
52 ## </param>
53 #
54 interface(`bitcoin_search_lib',`
55 gen_require(`
56 type bitcoin_var_lib_t;
57 ')
59 allow $1 bitcoin_var_lib_t:dir search_dir_perms;
60 files_search_var_lib($1)
61 ')
63 ########################################
64 ## <summary>
65 ## Read bitcoin lib files.
66 ## </summary>
67 ## <param name="domain">
68 ## <summary>
69 ## Domain allowed access.
70 ## </summary>
71 ## </param>
72 #
73 interface(`bitcoin_read_lib_files',`
74 gen_require(`
75 type bitcoin_var_lib_t;
76 ')
78 files_search_var_lib($1)
79 read_files_pattern($1, bitcoin_var_lib_t, bitcoin_var_lib_t)
80 ')
82 ########################################
83 ## <summary>
84 ## Manage bitcoin lib files.
85 ## </summary>
86 ## <param name="domain">
87 ## <summary>
88 ## Domain allowed access.
89 ## </summary>
90 ## </param>
91 #
92 interface(`bitcoin_manage_lib_files',`
93 gen_require(`
94 type bitcoin_var_lib_t;
95 ')
97 files_search_var_lib($1)
98 manage_files_pattern($1, bitcoin_var_lib_t, bitcoin_var_lib_t)
99 ')
101 ########################################
102 ## <summary>
103 ## Manage bitcoin lib directories.
104 ## </summary>
105 ## <param name="domain">
106 ## <summary>
107 ## Domain allowed access.
108 ## </summary>
109 ## </param>
110 #
111 interface(`bitcoin_manage_lib_dirs',`
112 gen_require(`
113 type bitcoin_var_lib_t;
114 ')
116 files_search_var_lib($1)
117 manage_dirs_pattern($1, bitcoin_var_lib_t, bitcoin_var_lib_t)
118 ')
121 ########################################
122 ## <summary>
123 ## All of the rules required to administrate
124 ## a bitcoin environment
125 ## </summary>
126 ## <param name="domain">
127 ## <summary>
128 ## Domain allowed access.
129 ## </summary>
130 ## </param>
131 ## <param name="role">
132 ## <summary>
133 ## Role allowed access.
134 ## </summary>
135 ## </param>
136 ## <rolecap/>
137 #
138 interface(`bitcoin_admin',`
139 gen_require(`
140 type bitcoin_t;
141 type bitcoin_initrc_exec_t;
142 type bitcoin_var_lib_t;
143 ')
145 allow $1 bitcoin_t:process { ptrace signal_perms };
146 ps_process_pattern($1, bitcoin_t)
148 bitcoin_initrc_domtrans($1)
149 domain_system_change_exemption($1)
150 role_transition $2 bitcoin_initrc_exec_t system_r;
151 allow $2 system_r;
153 files_search_var_lib($1)
154 admin_pattern($1, bitcoin_var_lib_t)
156 ')