13 lines
718 B
Plaintext
13 lines
718 B
Plaintext
# Add programs here which should not be confined by SELinux
|
|
# e.g.:
|
|
# /usr/local/bin/appsrv -- gen_context(system_u:object_r:unconfined_exec_t,s0)
|
|
# For the time being until someone writes a sane policy, we need initrc to transition to unconfined_t
|
|
/usr/bin/vncserver -- gen_context(system_u:object_r:unconfined_exec_t,s0)
|
|
|
|
ifdef(`targeted_policy',`
|
|
/usr/lib/openoffice.org.*/program/.*\.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
|
|
/usr/bin/valgrind -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
|
|
/usr/local/RealPlay/realplay.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
|
|
/usr/bin/mplayer -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
|
|
')
|