Merge branch 'locallogin_module' of git://github.com/cgzones/refpolicy
This commit is contained in:
commit
f727615595
|
@ -33,8 +33,7 @@ role system_r types sulogin_t;
|
|||
#
|
||||
|
||||
allow local_login_t self:capability { chown dac_override fowner fsetid kill setgid setuid sys_nice sys_resource sys_tty_config };
|
||||
allow local_login_t self:process ~{ ptrace setcurrent setexec setfscreate setrlimit execmem execstack execheap };
|
||||
allow local_login_t self:process { setrlimit setexec };
|
||||
allow local_login_t self:process { setexec setrlimit setsched };
|
||||
allow local_login_t self:fd use;
|
||||
allow local_login_t self:fifo_file rw_fifo_file_perms;
|
||||
allow local_login_t self:sock_file read_sock_file_perms;
|
||||
|
@ -171,7 +170,9 @@ optional_policy(`
|
|||
optional_policy(`
|
||||
dbus_system_bus_client(local_login_t)
|
||||
|
||||
consolekit_dbus_chat(local_login_t)
|
||||
optional_policy(`
|
||||
consolekit_dbus_chat(local_login_t)
|
||||
')
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
|
@ -211,7 +212,6 @@ optional_policy(`
|
|||
#
|
||||
|
||||
allow sulogin_t self:capability dac_override;
|
||||
allow sulogin_t self:process ~{ ptrace setcurrent setexec setfscreate setrlimit execmem execstack execheap };
|
||||
allow sulogin_t self:fd use;
|
||||
allow sulogin_t self:fifo_file rw_fifo_file_perms;
|
||||
allow sulogin_t self:unix_dgram_socket create_socket_perms;
|
||||
|
|
Loading…
Reference in New Issue