[selinux-policy: 187/3172] add a xml comment
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 19:21:08 UTC 2010
commit 490639cd575f6d05fab7c0f3dc02da47ac03f4f9
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Wed May 18 21:00:30 2005 +0000
add a xml comment
refpolicy/policy/modules/system/userdomain.if | 25 +++++++++++++++++++++++++
1 files changed, 25 insertions(+), 0 deletions(-)
---
diff --git a/refpolicy/policy/modules/system/userdomain.if b/refpolicy/policy/modules/system/userdomain.if
index d90d158..88eabb2 100644
--- a/refpolicy/policy/modules/system/userdomain.if
+++ b/refpolicy/policy/modules/system/userdomain.if
@@ -1,4 +1,6 @@
# Copyright (C) 2005 Tresys Technology, LLC
+## <module name="userdomain" layer="system">
+## <summary>Policy for user domains</summary>
########################################
#
@@ -791,3 +793,26 @@ allow $1_t domain:socket_class_set getattr;
allow $1_t eventpollfs_t:file getattr;
') dnl endif TODO
')
+
+#
+## <interface name="userdomain_use_all_users_file_descriptors">
+## <description>
+## Inherit the file descriptors from all user domains
+## </description>
+## <parameter name="domain">
+## The type of the process performing this action.
+## </parameter>
+## <infoflow type="read" weight="1"/>
+## </interface>
+#
+define(`userdomain_use_all_users_file_descriptors',`
+requires_block_template(`$0'_depend)
+allow $1 userdomain:fd use;
+')
+
+define(`userdomain_use_all_users_file_descriptors_depend',`
+attribute userdomain;
+class fd use;
+')
+
+## </module>
More information about the scm-commits
mailing list