GPG patch from Dan Walsh.

This commit is contained in:
Chris PeBenito 2009-12-01 10:30:07 -05:00
parent 962d6fb9b0
commit 36ded4bd36

View File

@ -1,5 +1,5 @@
policy_module(gpg, 2.2.0)
policy_module(gpg, 2.2.1)
########################################
#
@ -104,11 +104,36 @@ files_dontaudit_search_var(gpg_t)
auth_use_nsswitch(gpg_t)
miscfiles_read_localization(gpg_t)
logging_send_syslog_msg(gpg_t)
miscfiles_read_localization(gpg_t)
userdom_use_user_terminals(gpg_t)
# sign/encrypt user files
userdom_manage_user_tmp_files(gpg_t)
userdom_manage_user_home_content_files(gpg_t)
mta_write_config(gpg_t)
tunable_policy(`use_nfs_home_dirs',`
fs_manage_nfs_dirs(gpg_t)
fs_manage_nfs_files(gpg_t)
')
tunable_policy(`use_samba_home_dirs',`
fs_manage_cifs_dirs(gpg_t)
fs_manage_cifs_files(gpg_t)
')
optional_policy(`
xserver_use_xdm_fds(gpg_t)
xserver_rw_xdm_pipes(gpg_t)
')
optional_policy(`
cron_system_entry(gpg_t, gpg_exec_t)
cron_read_system_job_tmp_files(gpg_t)
')
########################################
#
@ -146,23 +171,13 @@ files_read_etc_files(gpg_helper_t)
auth_use_nsswitch(gpg_helper_t)
userdom_use_user_terminals(gpg_helper_t)
# sign/encrypt user files
userdom_manage_user_tmp_files(gpg_t)
userdom_manage_user_home_content_files(gpg_t)
tunable_policy(`use_nfs_home_dirs',`
fs_manage_nfs_dirs(gpg_t)
fs_manage_nfs_files(gpg_t)
fs_dontaudit_rw_nfs_files(gpg_helper_t)
')
tunable_policy(`use_samba_home_dirs',`
fs_manage_cifs_dirs(gpg_t)
fs_manage_cifs_files(gpg_t)
')
optional_policy(`
xserver_use_xdm_fds(gpg_t)
xserver_rw_xdm_pipes(gpg_t)
fs_dontaudit_rw_cifs_files(gpg_helper_t)
')
########################################