# Run by odsign to verify a CompOs instance's keys.
type compos_verify_key, domain, coredomain;

type compos_verify_key_exec, exec_type, file_type, system_file_type;

binder_use(compos_verify_key);
virtualizationservice_use(compos_verify_key);

# Access the image & key files, delete on failure, rename pending to current
allow compos_verify_key apex_module_data_file:dir search;
allow compos_verify_key apex_compos_data_file:dir create_dir_perms;
allow compos_verify_key apex_compos_data_file:file create_file_perms;

# Allow odsign to redirect our stdout/stderr to log
allow compos_verify_key odsign:fd use;
allow compos_verify_key odsign_devpts:chr_file { read write };

# Only odsign can enter the domain via exec
neverallow { domain -odsign } compos_verify_key:process transition;
neverallow * compos_verify_key:process dyntransition;