## <summary>policy for livecd</summary>

########################################
## <summary>
##	Execute a domain transition to run livecd.
## </summary>
## <param name="domain">
## <summary>
##	Domain allowed to transition.
## </summary>
## </param>
#
interface(`livecd_domtrans',`
	gen_require(`
		type livecd_t;
                type livecd_exec_t;
	')

	domtrans_pattern($1,livecd_exec_t,livecd_t)
')


########################################
## <summary>
##	Execute livecd in the livecd domain, and
##	allow the specified role the livecd domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access
##	</summary>
## </param>
## <param name="role">
##	<summary>
##	The role to be allowed the livecd domain.
##	</summary>
## </param>
## <param name="terminal">
##	<summary>
##	The type of the role's terminal.
##	</summary>
## </param>
#
interface(`livecd_run',`
	gen_require(`
		type livecd_t;
	')

	livecd_domtrans($1)
	role $2 types livecd_t;
	allow livecd_t $3:chr_file rw_term_perms;
	
	seutil_run_setfiles_mac(livecd_t, $2, $3)
')