32 lines
1.0 KiB
Diff
32 lines
1.0 KiB
Diff
diff --git a/policy/modules/roles/unconfineduser.te b/policy/modules/roles/unconfineduser.te
|
|
index 1105ff5..620e17b 100644
|
|
--- a/policy/modules/roles/unconfineduser.te
|
|
+++ b/policy/modules/roles/unconfineduser.te
|
|
@@ -188,6 +188,11 @@ optional_policy(`
|
|
rtkit_scheduled(unconfined_usertype)
|
|
')
|
|
|
|
+ # Might remove later if this proves to be problematic, but would like to gather AVCs
|
|
+ optional_policy(`
|
|
+ thumb_role(unconfined_r, unconfined_usertype)
|
|
+ ')
|
|
+
|
|
optional_policy(`
|
|
setroubleshoot_dbus_chat(unconfined_usertype)
|
|
setroubleshoot_dbus_chat_fixit(unconfined_t)
|
|
diff --git a/policy/modules/apps/thumb.te b/policy/modules/apps/thumb.te
|
|
index 73e7983..fc5b449 100644
|
|
--- a/policy/modules/apps/thumb.te
|
|
+++ b/policy/modules/apps/thumb.te
|
|
@@ -86,10 +86,6 @@ userdom_write_user_tmp_files(thumb_t)
|
|
|
|
userdom_use_inherited_user_ptys(thumb_t)
|
|
|
|
-optional_policy(`
|
|
- dbus_dontaudit_session_bus_connect(thumb_t)
|
|
-')
|
|
-
|
|
# optional_policy(`
|
|
# gnome_read_gconf_home_files(thumb_t)
|
|
# gnome_read_gstreamer_home_content(thumb_t)
|