[selinux-policy: 177/3172] add admin template
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 19:20:17 UTC 2010
commit 76bff31d96a8efd87fa45b7c6a646941f9226d23
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Wed May 18 13:20:16 2005 +0000
add admin template
refpolicy/policy/modules/system/userdomain.te | 13 +++++++++----
1 files changed, 9 insertions(+), 4 deletions(-)
---
diff --git a/refpolicy/policy/modules/system/userdomain.te b/refpolicy/policy/modules/system/userdomain.te
index 01e92ac..e530c6c 100644
--- a/refpolicy/policy/modules/system/userdomain.te
+++ b/refpolicy/policy/modules/system/userdomain.te
@@ -66,14 +66,19 @@ bool user_tcp_server false;
# Allow w to display everyone
bool user_ttyfile_stat false;
+admin_domain_template(sysadm)
user_domain_template(staff)
user_domain_template(user)
-type sysadm_t;
-domain_make_domain(sysadm_t)
-per_userdomain_templates(sysadm)
-
########################################
#
# Local policy
#
+
+#allow privhome home_root_t:dir { getattr search };
+
+# for su
+allow sysadm_t userdomain:fd use;
+
+# Add/remove user home directories
+#file_type_auto_trans(sysadm_t, home_root_t, user_home_dir_t, dir)
More information about the scm-commits
mailing list