diff options
Diffstat (limited to 'policy/modules/services/modemmanager.te')
| -rw-r--r-- | policy/modules/services/modemmanager.te | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/policy/modules/services/modemmanager.te b/policy/modules/services/modemmanager.te new file mode 100644 index 00000000..9efe585d --- /dev/null +++ b/policy/modules/services/modemmanager.te @@ -0,0 +1,62 @@ +policy_module(modemmanager, 1.6.0) + +######################################## +# +# Declarations +# + +type modemmanager_t; +type modemmanager_exec_t; +init_daemon_domain(modemmanager_t, modemmanager_exec_t) +typealias modemmanager_t alias ModemManager_t; +typealias modemmanager_exec_t alias ModemManager_exec_t; + +######################################## +# +# Local policy +# + +allow modemmanager_t self:capability { net_admin sys_admin sys_tty_config }; +allow modemmanager_t self:process { getsched signal }; +allow modemmanager_t self:fifo_file rw_fifo_file_perms; +allow modemmanager_t self:unix_stream_socket create_stream_socket_perms; +allow modemmanager_t self:netlink_kobject_uevent_socket create_socket_perms; + +kernel_read_system_state(modemmanager_t) + +dev_read_sysfs(modemmanager_t) +dev_rw_modem(modemmanager_t) + +files_read_etc_files(modemmanager_t) + +term_use_generic_ptys(modemmanager_t) +term_use_unallocated_ttys(modemmanager_t) + +miscfiles_read_localization(modemmanager_t) + +logging_send_syslog_msg(modemmanager_t) + +optional_policy(` + dbus_system_domain(modemmanager_t, modemmanager_exec_t) + + optional_policy(` + devicekit_dbus_chat_power(modemmanager_t) + ') + + optional_policy(` + networkmanager_dbus_chat(modemmanager_t) + ') + + optional_policy(` + policykit_dbus_chat(modemmanager_t) + ') +') + +optional_policy(` + systemd_write_inherited_logind_inhibit_pipes(modemmanager_t) +') + +optional_policy(` + udev_read_db(modemmanager_t) + udev_manage_pid_files(modemmanager_t) +') |