fix ticket #16
This commit is contained in:
parent
e45324d1ee
commit
aeaae5185e
@ -87,25 +87,47 @@ interface(`term_tty',`
|
||||
type tty_device_t;
|
||||
')
|
||||
|
||||
typeattribute $2 ttynode, serial_device;
|
||||
type_change $1 tty_device_t:chr_file $2;
|
||||
typeattribute $1 ttynode, serial_device;
|
||||
|
||||
fs_associate($2)
|
||||
files_associate_tmp($2)
|
||||
# cjp: ?
|
||||
files_associate_tmp($1)
|
||||
|
||||
# static /dev:
|
||||
fs_associate($1)
|
||||
# udev:
|
||||
fs_associate_tmpfs($1)
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Transform specified type into a user tty type.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## User domain that is related to this tty.
|
||||
## </summary>
|
||||
## </param>
|
||||
## <param name="tty_type">
|
||||
## <summary>
|
||||
## An object type that will applied to a tty.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`term_user_tty',`
|
||||
gen_require(`
|
||||
attribute ttynode;
|
||||
type tty_device_t;
|
||||
')
|
||||
|
||||
term_tty($2)
|
||||
|
||||
type_change $1 tty_device_t:chr_file $2;
|
||||
|
||||
# Debian login is from shadow utils and does not allow resetting the perms.
|
||||
# have to fix this!
|
||||
ifdef(`distro_debian',`
|
||||
type_change $1 ttynode:chr_file $2;
|
||||
')
|
||||
|
||||
ifdef(`distro_gentoo',`
|
||||
fs_associate_tmpfs($2)
|
||||
')
|
||||
|
||||
ifdef(`distro_redhat',`
|
||||
fs_associate_tmpfs($2)
|
||||
')
|
||||
')
|
||||
|
||||
########################################
|
||||
|
@ -38,7 +38,7 @@ template(`userdom_base_user_template',`
|
||||
files_type($1_devpts_t)
|
||||
|
||||
type $1_tty_device_t;
|
||||
term_tty($1_t,$1_tty_device_t)
|
||||
term_user_tty($1_t,$1_tty_device_t)
|
||||
|
||||
allow $1_t self:process { signal_perms getsched setsched share getpgid setpgid setcap getsession };
|
||||
allow $1_t self:fd use;
|
||||
|
Loading…
Reference in New Issue
Block a user