2020-01-12 20:28:49 +00:00
|
|
|
module xrdp 1.0.2;
|
2017-04-12 12:15:12 +00:00
|
|
|
|
|
|
|
require {
|
|
|
|
type unconfined_service_t;
|
|
|
|
type unconfined_t;
|
2020-01-12 20:28:49 +00:00
|
|
|
type unlabeled_t;
|
2017-04-12 12:15:12 +00:00
|
|
|
type xserver_exec_t;
|
2018-04-22 06:37:17 +00:00
|
|
|
type xserver_t;
|
|
|
|
type oddjob_t;
|
|
|
|
type oddjob_mkhomedir_exec_t;
|
2017-04-12 12:15:12 +00:00
|
|
|
class process transition;
|
|
|
|
class file entrypoint;
|
2018-04-22 06:37:17 +00:00
|
|
|
class process2 nnp_transition;
|
2020-01-12 20:28:49 +00:00
|
|
|
class vsock_socket { getattr read write };
|
2017-04-12 12:15:12 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#============= unconfined_service_t ==============
|
|
|
|
allow unconfined_service_t unconfined_t:process transition;
|
2018-04-22 06:37:17 +00:00
|
|
|
allow unconfined_service_t oddjob_mkhomedir_exec_t:file entrypoint;
|
2020-01-12 20:28:49 +00:00
|
|
|
allow unconfined_service_t unlabeled_t:vsock_socket { getattr read write };
|
2017-04-12 12:15:12 +00:00
|
|
|
|
|
|
|
#============= unconfined_t ==============
|
|
|
|
allow unconfined_t xserver_exec_t:file entrypoint;
|
2018-04-22 06:37:17 +00:00
|
|
|
allow unconfined_t xserver_t:process2 nnp_transition;
|
|
|
|
|
|
|
|
#============= oddjob_t ==============
|
|
|
|
allow oddjob_t unconfined_service_t:process transition;
|