summaryrefslogtreecommitdiff
path: root/policy/modules/services/rtkit.te
diff options
context:
space:
mode:
Diffstat (limited to 'policy/modules/services/rtkit.te')
-rw-r--r--policy/modules/services/rtkit.te35
1 files changed, 35 insertions, 0 deletions
diff --git a/policy/modules/services/rtkit.te b/policy/modules/services/rtkit.te
new file mode 100644
index 00000000..37cd1269
--- /dev/null
+++ b/policy/modules/services/rtkit.te
@@ -0,0 +1,35 @@
+
+policy_module(rtkit, 1.0.0)
+
+########################################
+#
+# Declarations
+#
+
+type rtkit_daemon_t;
+type rtkit_daemon_exec_t;
+dbus_system_domain(rtkit_daemon_t, rtkit_daemon_exec_t)
+
+########################################
+#
+# rtkit_daemon local policy
+#
+
+allow rtkit_daemon_t self:capability { dac_read_search setuid sys_chroot setgid sys_nice sys_ptrace };
+allow rtkit_daemon_t self:process { setsched getcap setcap setrlimit };
+
+kernel_read_system_state(rtkit_daemon_t)
+
+domain_read_all_domains_state(rtkit_daemon_t)
+
+fs_rw_anon_inodefs_files(rtkit_daemon_t)
+
+auth_use_nsswitch(rtkit_daemon_t)
+
+logging_send_syslog_msg(rtkit_daemon_t)
+
+miscfiles_read_localization(locale_t)
+
+optional_policy(`
+ policykit_dbus_chat(rtkit_daemon_t)
+')
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-24 05:16:08 +0000