clean up usercanread
This commit is contained in:
parent
b1bf2f7811
commit
376fbc0be9
@ -1,5 +1,5 @@
|
|||||||
|
|
||||||
policy_module(cups,1.3.12)
|
policy_module(cups,1.3.13)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
@ -157,8 +157,6 @@ domain_read_all_domains_state(cupsd_t)
|
|||||||
|
|
||||||
fs_getattr_all_fs(cupsd_t)
|
fs_getattr_all_fs(cupsd_t)
|
||||||
fs_search_auto_mountpoints(cupsd_t)
|
fs_search_auto_mountpoints(cupsd_t)
|
||||||
# from old usercanread attrib:
|
|
||||||
fs_read_removable_files(cupsd_t)
|
|
||||||
|
|
||||||
term_dontaudit_use_console(cupsd_t)
|
term_dontaudit_use_console(cupsd_t)
|
||||||
term_write_unallocated_ttys(cupsd_t)
|
term_write_unallocated_ttys(cupsd_t)
|
||||||
@ -271,12 +269,7 @@ optional_policy(`
|
|||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
# from old usercanread attrib:
|
samba_read_config(cupsd_t)
|
||||||
rpc_read_nfs_content(cupsd_t)
|
|
||||||
rpc_read_nfs_state_data(cupsd_t)
|
|
||||||
')
|
|
||||||
|
|
||||||
optional_policy(`
|
|
||||||
samba_rw_var_files(cupsd_t)
|
samba_rw_var_files(cupsd_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
@ -288,21 +281,6 @@ optional_policy(`
|
|||||||
udev_read_db(cupsd_t)
|
udev_read_db(cupsd_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
|
||||||
# from old usercanread attrib:
|
|
||||||
usermanage_read_crack_db(cupsd_t)
|
|
||||||
')
|
|
||||||
|
|
||||||
optional_policy(`
|
|
||||||
# from old usercanread attrib:
|
|
||||||
xserver_read_xkb_libs(cupsd_t)
|
|
||||||
')
|
|
||||||
|
|
||||||
#FIXME:
|
|
||||||
allow cupsd_t usercanread:dir r_dir_perms;
|
|
||||||
allow cupsd_t usercanread:file r_file_perms;
|
|
||||||
allow cupsd_t usercanread:lnk_file { getattr read };
|
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
# Cups configuration daemon local policy
|
# Cups configuration daemon local policy
|
||||||
|
Loading…
Reference in New Issue
Block a user