diff options
Diffstat (limited to 'policy/modules/services/bluetooth.if')
| -rw-r--r-- | policy/modules/services/bluetooth.if | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/policy/modules/services/bluetooth.if b/policy/modules/services/bluetooth.if index 0f45a8cc..bc3a72c1 100644 --- a/policy/modules/services/bluetooth.if +++ b/policy/modules/services/bluetooth.if @@ -188,6 +188,28 @@ interface(`bluetooth_dontaudit_read_helper_state',` dontaudit $1 bluetooth_helper_t:file read_file_perms; ') +##################################### +## <summary> +## Connect to bluetooth over a unix domain +## stream socket. The socket can be used +## for read and write. This is required for +# bluetooth helper context. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`bluetooth_use_inherited_helper_stream_sockets',` + gen_require(` + type bluetooth_helper_t; + ') + + allow $1 bluetooth_helper_t:unix_stream_socket rw_socket_perms; + allow $1 bluetooth_helper_t:fd use; +') + ######################################## ## <summary> ## All of the rules required to |