rpms
/
selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- Add policy for kerneloops 

- Add policy for gnomeclock
This commit is contained in:
Daniel J Walsh 2008-02-05 18:31:25 +00:00
parent 7483cf9369
commit b53db53c9f
3 changed files with 31 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
modules-targeted.conf
View File

@ -472,6 +472,13 @@ getty = base
#
gnome = module
# Layer: services
# Module: gnomeclock
#
# gnomeclock used by dbus/polkit to set time
#
gnomeclock = module
# Layer: services
# Module: hal
#
@ -1613,3 +1620,10 @@ user = base
#
prelude = module
# Layer: services
# Module: kerneloops
#
# program to collect and submit kernel oopses to kerneloops.org
#
kerneloops = module

16
policy-20071130.patch
View File

@ -29268,8 +29268,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/staff.i
+## <summary>Policy for staff user</summary>
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/staff.te serefpolicy-3.2.6/policy/modules/users/staff.te
--- nsaserefpolicy/policy/modules/users/staff.te 1969-12-31 19:00:00.000000000 -0500
+++ serefpolicy-3.2.6/policy/modules/users/staff.te 2008-02-05 09:47:25.000000000 -0500
@@ -0,0 +1,55 @@
+++ serefpolicy-3.2.6/policy/modules/users/staff.te 2008-02-05 13:29:59.000000000 -0500
@@ -0,0 +1,65 @@
+policy_module(staff,1.0.1)
+userdom_unpriv_user_template(staff)
+
@ -29284,6 +29284,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/staff.t
+
+files_read_kernel_modules(staff_t)
+
+kernel_read_fs_sysctls(staff_t)
+
+modutils_read_module_config(staff_t)
+modutils_read_module_deps(staff_t)
+
@ -29293,6 +29295,10 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/staff.t
+seutil_run_newrole(staff_t, staff_r, { staff_tty_device_t staff_devpts_t })
+
+optional_policy(`
+ gnomeclock_dbus_chat(staff_t)
+')
+
+optional_policy(`
+ gpg_per_role_template(staff, staff_usertype, staff_r)
+')
+
@ -29322,9 +29328,13 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/staff.t
+')
+
+optional_policy(`
+ xserver_per_role_template(staff, staff_t, staff_r)
+ polkit_run_grant(staff_t, staff_r, { staff_devpts_t staff_tty_device_t })
+ polkit_read_lib(staff_t)
+')
+
+optional_policy(`
+ xserver_per_role_template(staff, staff_t, staff_r)
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/user.fc serefpolicy-3.2.6/policy/modules/users/user.fc
--- nsaserefpolicy/policy/modules/users/user.fc 1969-12-31 19:00:00.000000000 -0500
+++ serefpolicy-3.2.6/policy/modules/users/user.fc 2008-02-01 16:01:42.000000000 -0500

4
selinux-policy.spec
View File

@ -387,6 +387,10 @@ exit 0
%endif
%changelog
* Tue Feb 5 2008 Dan Walsh <dwalsh@redhat.com> 3.2.6-6
- Add policy for kerneloops
- Add policy for gnomeclock
* Mon Feb 4 2008 Dan Walsh <dwalsh@redhat.com> 3.2.6-5
- Fixes for libvirt