[selinux-policy: 2288/3172] Implement screen-locking feature.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 22:23:11 UTC 2010
commit a92ee5012636c565061214d30177e0cd51f5c4dd
Author: Dominick Grift <domg472 at gmail.com>
Date: Thu Oct 22 16:23:43 2009 +0200
Implement screen-locking feature.
Signed-off-by: Dominick Grift <domg472 at gmail.com>
Signed-off-by: Chris PeBenito <cpebenito at tresys.com>
policy/modules/apps/screen.if | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
---
diff --git a/policy/modules/apps/screen.if b/policy/modules/apps/screen.if
index ac70bc0..9e2f209 100644
--- a/policy/modules/apps/screen.if
+++ b/policy/modules/apps/screen.if
@@ -44,6 +44,7 @@ template(`screen_role_template',`
#
allow $1_screen_t self:capability { setuid setgid fsetid };
+ allow $1_screen_t self:fifo_file rw_fifo_file_perms;
allow $1_screen_t self:process signal_perms;
allow $1_screen_t self:tcp_socket create_stream_socket_perms;
allow $1_screen_t self:udp_socket create_socket_perms;
@@ -117,6 +118,7 @@ template(`screen_role_template',`
fs_search_auto_mountpoints($1_screen_t)
fs_getattr_xattr_fs($1_screen_t)
+ auth_domtrans_chk_passwd($1_screen_t)
auth_use_nsswitch($1_screen_t)
auth_dontaudit_read_shadow($1_screen_t)
auth_dontaudit_exec_utempter($1_screen_t)
More information about the scm-commits
mailing list