Skip to content

Commit f3c49b2

Browse files
zpytelazpytela
committed
Add insights_core and insights_client interfaces
The following interfaces were added: - insights_core_read_tmp_files() - insights_client_create_sock_files() - insights_client_write_sock_files() - insights_client_setattr_sock_files()
1 parent 161e8eb commit f3c49b2

File tree

2 files changed

+77
-1
lines changed

2 files changed

+77
-1
lines changed

policy/modules/contrib/insights_client.if

Lines changed: 57 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -321,6 +321,63 @@ interface(`insights_client_watch_lib_dirs',`
321321
allow $1 insights_client_var_lib_t:dir watch_dir_perms;
322322
')
323323

324+
########################################
325+
## <summary>
326+
## Create insights_client socket files.
327+
## </summary>
328+
## <param name="domain">
329+
## <summary>
330+
## Domain allowed access.
331+
## </summary>
332+
## </param>
333+
#
334+
interface(`insights_client_create_sock_files',`
335+
gen_require(`
336+
type insights_client_var_lib_t;
337+
')
338+
339+
files_search_var_lib($1)
340+
create_sock_files_pattern($1, insights_client_var_lib_t, insights_client_var_lib_t)
341+
')
342+
343+
########################################
344+
## <summary>
345+
## Write insights_client socket files.
346+
## </summary>
347+
## <param name="domain">
348+
## <summary>
349+
## Domain allowed access.
350+
## </summary>
351+
## </param>
352+
#
353+
interface(`insights_client_write_sock_files',`
354+
gen_require(`
355+
type insights_client_var_lib_t;
356+
')
357+
358+
files_search_var_lib($1)
359+
write_sock_files_pattern($1, insights_client_var_lib_t, insights_client_var_lib_t)
360+
')
361+
362+
########################################
363+
## <summary>
364+
## Setattr insights_client socket files.
365+
## </summary>
366+
## <param name="domain">
367+
## <summary>
368+
## Domain allowed access.
369+
## </summary>
370+
## </param>
371+
#
372+
interface(`insights_client_setattr_sock_files',`
373+
gen_require(`
374+
type insights_client_var_lib_t;
375+
')
376+
377+
files_search_var_lib($1)
378+
setattr_sock_files_pattern($1, insights_client_var_lib_t, insights_client_var_lib_t)
379+
')
380+
324381
########################################
325382
## <summary>
326383
## Append insights_client log files.

policy/modules/contrib/insights_core.if

Lines changed: 20 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ interface(`insights_core_write_pipes',`
4242

4343
########################################
4444
## <summary>
45-
## Read insights_client lib files.
45+
## Read insights_core lib files.
4646
## </summary>
4747
## <param name="domain">
4848
## <summary>
@@ -60,6 +60,25 @@ interface(`insights_core_read_lib_files',`
6060
allow $1 insights_core_var_lib_t:file map;
6161
')
6262

63+
########################################
64+
## <summary>
65+
## Read insights_core tmp files.
66+
## </summary>
67+
## <param name="domain">
68+
## <summary>
69+
## Domain allowed access.
70+
## </summary>
71+
## </param>
72+
#
73+
interface(`insights_core_read_tmp_files',`
74+
gen_require(`
75+
type insights_core_tmp_t;
76+
')
77+
78+
files_search_tmp($1)
79+
read_files_pattern($1, insights_core_tmp_t, insights_core_tmp_t)
80+
')
81+
6382
########################################
6483
## <summary>
6584
## Allow the specified domain to read insights-core state files in /proc.

0 commit comments

Comments
 (0)