From: Dan Walsh <dwalsh@xxxxxxxxxx> Signed-off-by: Petr Lautrbach <plautrba@xxxxxxxxxx> --- python/sepolicy/sepolicy/templates/executable.py | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/python/sepolicy/sepolicy/templates/executable.py b/python/sepolicy/sepolicy/templates/executable.py index 4cc5bfa4..456a7ca8 100644 --- a/python/sepolicy/sepolicy/templates/executable.py +++ b/python/sepolicy/sepolicy/templates/executable.py @@ -220,7 +220,7 @@ if_program_rules=""" ######################################## ## <summary> -## Execute TEMPLATE in the TEMPLATETYPE domin. +## Execute TEMPLATETYPE_exec_t in the TEMPLATETYPE domin. ## </summary> ## <param name=\"domain\"> ## <summary> @@ -236,6 +236,25 @@ interface(`TEMPLATETYPE_domtrans',` corecmd_search_bin($1) domtrans_pattern($1, TEMPLATETYPE_exec_t, TEMPLATETYPE_t) ') + +###################################### +## <summary> +## Execute TEMPLATETYPE in the caller domain. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`TEMPLATETYPE_exec',` + gen_require(` + type TEMPLATETYPE_exec_t; + ') + + corecmd_search_bin($1) + can_exec($1, TEMPLATETYPE_exec_t) +') """ if_user_program_rules=""" -- 2.12.2
