# Point to Point Protocol daemon (ppp) domain policy.
#
# Review notes:
#  - Macros and permission sets used below (net_domain, r_dir_file,
#    rw_socket_perms, rw_file_perms, rx_file_perms, w_dir_perms,
#    create_file_perms, priv_sock_ioctls, ppp_ioctls, not_full_treble)
#    are defined outside this file; check their expansions when auditing
#    what this domain can really do.
#  - No transition into the ppp domain is declared here. Presumably it is
#    set up in the policy of the launching domain -- verify.

# ---- Type declarations ----
type ppp, domain;
type ppp_device, dev_type;
type ppp_exec, exec_type, file_type;

# ---- Networking ----
net_domain(ppp)

# Read-only access to directories and files labeled proc_net.
r_dir_file(ppp, proc_net)

# CAP_NET_ADMIN is a broad capability (interface and routing configuration).
# It is the only capability granted to this domain in this file; any
# addition here deserves a dedicated review.
allow ppp self:capability net_admin;

# ---- Objects labeled with the mtp domain ----
# ppp operates on file descriptors and sockets that carry the mtp label,
# presumably created by mtp and handed to ppp -- confirm against mtp policy.
allow ppp mtp:fd use;
allow ppp mtp:socket rw_socket_perms;
allow ppp mtp:unix_dgram_socket rw_socket_perms;

# ioctls needed for VPN.
# allowxperm narrows the ioctl permission to the listed command sets, so
# ioctl commands outside priv_sock_ioctls / ppp_ioctls stay denied on
# these socket classes.
allowxperm ppp self:udp_socket ioctl priv_sock_ioctls;
allowxperm ppp mtp:socket ioctl ppp_ioctls;

# ---- PPP character device ----
allow ppp ppp_device:chr_file rw_file_perms;

# ---- Executable code ----
# Read and execute files labeled system_file. The same access to
# vendor_file is granted only when the build is not full Treble.
allow ppp system_file:file rx_file_perms;
not_full_treble(`allow ppp vendor_file:file rx_file_perms;')

# ---- VPN state ----
# Write access is limited to vpn_data_file; no other data type is
# writable by this domain in this file.
allow ppp vpn_data_file:dir w_dir_perms;
allow ppp vpn_data_file:file create_file_perms;