some home dir fixes
This commit is contained in:
Chris PeBenito
parent
240a3a9f64
commit
9aca490302
@ -204,6 +204,7 @@ template(`su_per_userdomain_template',`
|
|||||||
seutil_read_default_contexts($1_su_t)
|
seutil_read_default_contexts($1_su_t)
|
||||||
|
|
||||||
userdom_use_user_terminals($1,$1_su_t)
|
userdom_use_user_terminals($1,$1_su_t)
|
||||||
|
userdom_search_user_home($1,$1_su_t)
|
||||||
|
|
||||||
if(secure_mode) {
|
if(secure_mode) {
|
||||||
# Only allow transitions to unprivileged user domains.
|
# Only allow transitions to unprivileged user domains.
|
||||||
@ -215,6 +216,8 @@ template(`su_per_userdomain_template',`
|
|||||||
|
|
||||||
ifdef(`targeted_policy',`
|
ifdef(`targeted_policy',`
|
||||||
corecmd_exec_bin($1_su_t)
|
corecmd_exec_bin($1_su_t)
|
||||||
|
userdom_manage_user_home_subdir_files($1_su_t)
|
||||||
|
userdom_manage_user_home_subdir_symlink($1_su_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
tunable_policy(`use_nfs_home_dirs',`
|
tunable_policy(`use_nfs_home_dirs',`
|
||||||
@ -261,7 +264,6 @@ template(`su_per_userdomain_template',`
|
|||||||
# Inherit and use descriptors from gnome-pty-helper.
|
# Inherit and use descriptors from gnome-pty-helper.
|
||||||
ifdef(`gnome-pty-helper.te', `allow $1_su_t $1_gph_t:fd use;')
|
ifdef(`gnome-pty-helper.te', `allow $1_su_t $1_gph_t:fd use;')
|
||||||
|
|
||||||
allow $1_su_t { home_root_t $1_home_dir_t }:dir search;
|
|
||||||
allow $1_su_t $1_home_t:file create_file_perms;
|
allow $1_su_t $1_home_t:file create_file_perms;
|
||||||
|
|
||||||
ifdef(`user_canbe_sysadm', `
|
ifdef(`user_canbe_sysadm', `
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user