fix ticket #16

This commit is contained in:
Chris PeBenito 2006-10-16 16:51:57 +00:00
parent e45324d1ee
commit aeaae5185e
2 changed files with 35 additions and 13 deletions

View File

@ -87,25 +87,47 @@ interface(`term_tty',`
type tty_device_t;
')
typeattribute $2 ttynode, serial_device;
type_change $1 tty_device_t:chr_file $2;
typeattribute $1 ttynode, serial_device;
fs_associate($2)
files_associate_tmp($2)
# cjp: ?
files_associate_tmp($1)
# static /dev:
fs_associate($1)
# udev:
fs_associate_tmpfs($1)
')
########################################
## <summary>
## Transform specified type into a user tty type.
## </summary>
## <param name="domain">
## <summary>
## User domain that is related to this tty.
## </summary>
## </param>
## <param name="tty_type">
## <summary>
## An object type that will applied to a tty.
## </summary>
## </param>
#
interface(`term_user_tty',`
gen_require(`
attribute ttynode;
type tty_device_t;
')
term_tty($2)
type_change $1 tty_device_t:chr_file $2;
# Debian login is from shadow utils and does not allow resetting the perms.
# have to fix this!
ifdef(`distro_debian',`
type_change $1 ttynode:chr_file $2;
')
ifdef(`distro_gentoo',`
fs_associate_tmpfs($2)
')
ifdef(`distro_redhat',`
fs_associate_tmpfs($2)
')
')
########################################

View File

@ -38,7 +38,7 @@ template(`userdom_base_user_template',`
files_type($1_devpts_t)
type $1_tty_device_t;
term_tty($1_t,$1_tty_device_t)
term_user_tty($1_t,$1_tty_device_t)
allow $1_t self:process { signal_perms getsched setsched share getpgid setpgid setcap getsession };
allow $1_t self:fd use;