commit: e0bfa34ed7854bb95ca797dc48596936ed3c83cf
Author: Guido Trentalancia <guido <AT> trentalancia <DOT> net>
AuthorDate: Fri Jan 20 01:06:09 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Jan 25 07:08:14 2017 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=e0bfa34e
cups: new interface to execute HPLIP applications in their own domain
Add a new interface to the cups module to execute HP Linux Imaging
and Printing (HPLIP) applications in their own domain.
Signed-off-by: Guido Trentalancia <guido <AT> trentalancia.net>
policy/modules/contrib/cups.if | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/policy/modules/contrib/cups.if b/policy/modules/contrib/cups.if
index a6bcb68..f0261ca 100644
--- a/policy/modules/contrib/cups.if
+++ b/policy/modules/contrib/cups.if
@@ -375,3 +375,24 @@ interface(`cups_admin',`
admin_pattern($1, { cupsd_config_var_run_t cupsd_var_run_t
hplip_var_run_t })
admin_pattern($1, { ptal_var_run_t cupsd_lpd_var_run_t })
')
+
+########################################
+## <summary>
+## Execute HP Linux Imaging and
+## Printing applications in their
+## own domain.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed to transition.
+## </summary>
+## </param>
+#
+interface(`cups_domtrans_hplip',`
+ gen_require(`
+ type hplip_t, hplip_exec_t;
+ ')
+
+ corecmd_search_bin($1)
+ domtrans_pattern($1, hplip_exec_t, hplip_t)
+')
