diff options
Diffstat (limited to 'policy/modules/contrib/bitcoin.if')
-rw-r--r-- | policy/modules/contrib/bitcoin.if | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/policy/modules/contrib/bitcoin.if b/policy/modules/contrib/bitcoin.if new file mode 100644 index 00000000..bf4b333a --- /dev/null +++ b/policy/modules/contrib/bitcoin.if @@ -0,0 +1,45 @@ +## <summary>Bitcoin software-based online payment system</summary> + +######################################### +## <summary> +## Administer a bitcoin environment +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access +## </summary> +## </param> +## <param name="role"> +## <summary> +## Role allowed access +## </summary> +## </param> +# +interface(`bitcoin_admin',` + gen_require(` + type bitcoin_t; + type bitcoin_etc_t, bitcoin_tmp_t, bitcoin_log_t; + type bitcoin_var_lib_t, bitcoin_runtime_t; + type bitcoin_initrc_exec_t; + ') + + allow $1 bitcoin_t:process { ptrace signal_perms }; + ps_process_pattern($1, bitcoin_t) + + init_startstop_service($1, $2, bitcoin_t, bitcoin_initrc_exec_t) + + files_list_tmp($1) + admin_pattern($1, bitcoin_tmp_t) + + logging_list_logs($1) + admin_pattern($1, bitcoin_log_t) + + files_list_etc($1) + admin_pattern($1, bitcoin_etc_t) + + files_list_var_lib($1) + admin_pattern($1, bitcoin_var_lib_t) + + files_list_runtime($1) + admin_pattern($1, bitcoin_runtime_t) +') |