[selinux-policy: 1094/3172] fixes to make screen work

[Daniel J Walsh]

commit 038bd3f8635a0f22910c7d3e6c3fc09013437110
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Fri Jan 13 16:04:28 2006 +0000

    fixes to make screen work

 refpolicy/policy/modules/apps/screen.if |    5 ++++-
 1 files changed, 4 insertions(+), 1 deletions(-)
---
diff --git a/refpolicy/policy/modules/apps/screen.if b/refpolicy/policy/modules/apps/screen.if
index 6489173..16004ad 100644
--- a/refpolicy/policy/modules/apps/screen.if
+++ b/refpolicy/policy/modules/apps/screen.if
@@ -70,6 +70,8 @@ template(`screen_per_userdomain_template',`
 	allow $1_screen_t $1_screen_tmp_t:fifo_file create_file_perms;
 	files_create_tmp_files($1_screen_t, $1_screen_tmp_t, { file dir })
 
+allow $1_screen_t $1_devpts_t:chr_file setattr;
+
 	# Create fifo
 	allow $1_screen_t screen_dir_t:dir rw_dir_perms;
 	allow $1_screen_t screen_dir_t:dir create_dir_perms;
@@ -83,7 +85,8 @@ template(`screen_per_userdomain_template',`
 
 	domain_auto_trans($2, screen_exec_t, $1_screen_t)
 	allow $2 $1_screen_t:process signal;
-	allow $1_screen_t $2:process signal;
+	allow $1_screen_t $2:process { signal sigchld };
+	allow $1_screen_t $2:fd use;
 	allow $1_screen_t $2:fifo_file rw_file_perms;
 	allow $1_screen_t $1_home_dir_t:dir { search getattr };