xserver: ICEauthority can be in /run/user
Signed-off-by: Jason Zaman <jason@perfinion.com>
This commit is contained in:
parent
bcab64fba4
commit
32b6f152a2
|
@ -143,6 +143,8 @@ ifndef(`distro_debian',`
|
||||||
/run/xauth(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
|
/run/xauth(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
|
||||||
/run/xdmctl(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
|
/run/xdmctl(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
|
||||||
|
|
||||||
|
/run/user/%{USERID}/ICEauthority.* -- gen_context(system_u:object_r:iceauth_home_t,s0)
|
||||||
|
|
||||||
ifdef(`distro_suse',`
|
ifdef(`distro_suse',`
|
||||||
/var/lib/pam_devperm/:0 -- gen_context(system_u:object_r:xdm_var_lib_t,s0)
|
/var/lib/pam_devperm/:0 -- gen_context(system_u:object_r:xdm_var_lib_t,s0)
|
||||||
')
|
')
|
||||||
|
|
|
@ -117,6 +117,7 @@ userdom_user_application_domain(iceauth_t, iceauth_exec_t)
|
||||||
|
|
||||||
type iceauth_home_t;
|
type iceauth_home_t;
|
||||||
userdom_user_home_content(iceauth_home_t)
|
userdom_user_home_content(iceauth_home_t)
|
||||||
|
userdom_user_runtime_content(iceauth_home_t)
|
||||||
|
|
||||||
type xauth_t;
|
type xauth_t;
|
||||||
type xauth_exec_t;
|
type xauth_exec_t;
|
||||||
|
@ -211,6 +212,7 @@ optional_policy(`
|
||||||
|
|
||||||
allow iceauth_t iceauth_home_t:file manage_file_perms;
|
allow iceauth_t iceauth_home_t:file manage_file_perms;
|
||||||
userdom_user_home_dir_filetrans(iceauth_t, iceauth_home_t, file)
|
userdom_user_home_dir_filetrans(iceauth_t, iceauth_home_t, file)
|
||||||
|
userdom_user_runtime_filetrans(iceauth_t, iceauth_home_t, file)
|
||||||
|
|
||||||
allow xdm_t iceauth_home_t:file read_file_perms;
|
allow xdm_t iceauth_home_t:file read_file_perms;
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue