Stephen Smalley | 2dd4e51 | 2012-01-04 12:33:27 -0500 | [diff] [blame] | 1 | # wpa - wpa supplicant or equivalent |
| 2 | type wpa, domain; |
| 3 | type wpa_exec, exec_type, file_type; |
| 4 | |
| 5 | init_daemon_domain(wpa) |
Stephen Smalley | b1cb320 | 2013-10-29 14:42:41 -0400 | [diff] [blame] | 6 | allow wpa kernel:system module_request; |
| 7 | allow wpa self:capability { setuid net_admin setgid net_raw }; |
| 8 | allow wpa cgroup:dir create_dir_perms; |
| 9 | allow wpa self:netlink_route_socket *; |
| 10 | allow wpa self:netlink_socket *; |
| 11 | allow wpa self:packet_socket *; |
| 12 | allow wpa self:udp_socket *; |
| 13 | allow wpa wifi_data_file:dir create_dir_perms; |
| 14 | allow wpa wifi_data_file:file create_file_perms; |
| 15 | unix_socket_send(wpa, system_wpa, system_server) |
| 16 | allow wpa random_device:chr_file r_file_perms; |
| 17 | |
| 18 | # Create a socket for receiving info from wpa |
rpcraig | abd977a | 2012-08-10 06:25:52 -0400 | [diff] [blame] | 19 | type_transition wpa wifi_data_file:sock_file wpa_socket; |
Stephen Smalley | b1cb320 | 2013-10-29 14:42:41 -0400 | [diff] [blame] | 20 | allow wpa wpa_socket:sock_file create_file_perms; |