## policy for svn-mailer
########################################
##
## Execute a domain transition to run svn-mailer.
##
##
##
## Domain allowed to transition.
##
##
#
interface(`svnmailer_domtrans',`
gen_require(`
type httpd_svnmailer_script_t, httpd_svnmailer_script_exec_t;
')
domain_auto_trans($1, httpd_svnmailer_script_exec_t, httpd_svnmailer_script_t)
allow httpd_svnmailer_script_t $1:fd use;
allow httpd_svnmailer_script_t $1:fifo_file rw_file_perms;
allow httpd_svnmailer_script_t $1:process sigchld;
')
########################################
##
## Allow the specified domain to manage
## svnmailer log files.
##
##
##
## Domain allowed access.
##
##
#
interface(`svnmailer_manage_log',`
gen_require(`
type svnmailer_log_t;
')
logging_log_filetrans($1, svnmailer_log_t, { file dir })
manage_dirs_pattern($1, svnmailer_log_t, svnmailer_log_t)
manage_files_pattern($1, svnmailer_log_t, svnmailer_log_t)
')