## <summary>policy for vsomeip</summary>
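########################################
## <summary>
##	Allow a domain to act as a vsomeip application: create its
##	own socket file in the vsomeip runtime directory and exchange
##	unix stream connections with vsomeip_t in both directions.
## </summary>
## <desc>
##	<p>
##	Review notes: every caller is granted create, setattr, write
##	and unlink on sock_file objects of the single type
##	vsomeip_var_run_t. Unless a type transition defined elsewhere
##	relabels each client socket, any domain given this interface
##	can write to or unlink the socket file of any other such
##	domain, so this interface provides no isolation between
##	vsomeip clients. Grant it only to domains that are trusted
##	to the same degree.
##	</p>
## </desc>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`vsomeip_use',`
	gen_require(`
		type vsomeip_t;
		type vsomeip_var_run_t;
		type router_vsomeip_var_run_t;
	')

	# create and use vsomeip sockets:
	# NOTE(review): dir search is not granted here; presumably the
	# caller obtains it elsewhere - confirm, do not widen blindly.
	allow $1 vsomeip_var_run_t:dir { add_name remove_name write };
	allow $1 vsomeip_var_run_t:sock_file { create setattr write unlink };

	# Talk to routing manager (and back)
	# The second rule lets vsomeip_t open connections into the calling
	# domain, so the caller must treat that traffic as external input.
	allow $1 vsomeip_t:unix_stream_socket connectto;
	allow vsomeip_t $1:unix_stream_socket connectto;
	# presumably the socket file of the routing manager - confirm
	# against the matching type declarations and file contexts.
	allow $1 router_vsomeip_var_run_t:sock_file write;
')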
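########################################
## <summary>
##	Allow one domain to connect to the unix stream sockets
##	of another domain (one direction only).
## </summary>
## <desc>
##	<p>
##	Review notes: neither argument is checked against a vsomeip
##	type, so this rule is valid for any pair of domains. Callers
##	should pass only domains that already use vsomeip, and call
##	the interface a second time with the arguments swapped if the
##	reverse direction is needed. Only connectto is granted; for a
##	pathname socket the connecting domain also needs write on the
##	sock_file, which must come from another rule.
##	</p>
## </desc>
## <param name="source_domain">
##	<summary>
##	Domain allowed to initiate the connection.
##	</summary>
## </param>
## <param name="target_domain">
##	<summary>
##	Domain owning the listening socket.
##	</summary>
## </param>
#
interface(`vsomeip_talk_to',`
	# No gen_require: both sides come from the caller, so the
	# audit point for this permission is each call site.
	allow $1 $2:unix_stream_socket connectto;
')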