Update file contexts for LightDM
[proj/hardened-refpolicy.git] / policy / modules / contrib / asterisk.if
index 7268a04..2077053 100644 (file)
@@ -19,6 +19,25 @@ interface(`asterisk_domtrans',`
        domtrans_pattern($1, asterisk_exec_t, asterisk_t)
 ')
 
+######################################
+## <summary>
+##     Execute asterisk in the caller domain.
+## </summary>
+## <param name="domain">
+##     <summary>
+##     Domain allowed access.
+##     </summary>
+## </param>
+#
+interface(`asterisk_exec',`
+       gen_require(`
+               type asterisk_exec_t;
+       ')
+
+       corecmd_search_bin($1)
+       can_exec($1, asterisk_exec_t)
+')
+
 #####################################
 ## <summary>
 ##     Connect to asterisk over a unix domain.
@@ -113,6 +132,8 @@ interface(`asterisk_admin',`
        role_transition $2 asterisk_initrc_exec_t system_r;
        allow $2 system_r;
 
+       asterisk_exec($1)
+
        files_list_tmp($1)
        admin_pattern($1, asterisk_tmp_t)