selinux-refpolicy/udica-templates/x_container.cil

28 lines
683 B
Plaintext

(block x_container
(blockabstract x_container)
(optional x_container_optional
(allow xserver_t process rw_shm_perms)
(allow process xserver_t (unix_stream_socket (connectto)))
(allow process device_t search_dir_perms)
(allow process dri_device_t rw_chr_file_perms)
(allow process xserver_misc_device_t rw_chr_file_perms)
(allow process urandom_device_t read_chr_file_perms)
(allow process tmpfs_t search_dir_perms)
(allow process tmp_t search_dir_perms)
(allow process tmp_t read_lnk_file_perms)
(allow process xserver_tmp_t search_dir_perms)
(allow process xserver_tmp_t write_sock_file_perms)
(allow process xserver_exec_t exec_file_perms)
)
)