[selinux-policy/master_contrib: 30/47] Add interface to allow sysadm_t to execute the asterisk command
Miroslav Grepl
mgrepl at fedoraproject.org
Wed Jan 16 13:33:02 UTC 2013
commit b324ecc171e0c752113a4c1c7b9f307e1f8eea75
Author: Dan Walsh <dwalsh at redhat.com>
Date: Mon Jan 14 19:53:10 2013 -0500
Add interface to allow sysadm_t to execute the asterisk command
asterisk.if | 19 +++++++++++++++++++
1 files changed, 19 insertions(+), 0 deletions(-)
---
diff --git a/asterisk.if b/asterisk.if
index 3a5dc33..6ffd87d 100644
--- a/asterisk.if
+++ b/asterisk.if
@@ -19,6 +19,25 @@ interface(`asterisk_domtrans',`
domtrans_pattern($1, asterisk_exec_t, asterisk_t)
')
+######################################
+## <summary>
+## Execute asterisk in the caller domain.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`asterisk_exec',`
+ gen_require(`
+ type asterisk_exec_t;
+ ')
+
+ corecmd_search_bin($1)
+ can_exec($1, asterisk_exec_t)
+')
+
#####################################
## <summary>
## Connect to asterisk over a unix domain.
More information about the scm-commits
mailing list