RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
selinux-refpolicy/policy
History
Sven Vermeulen 97c3e208f8 xserver_t needs to ender dirs labeled xdm_var_run_t 
The LightDM application stores its xauth file in a subdirectory
(/var/run/lightdm/root) which is labeled as xdm_var_run_t. As a result,
X11 (xserver_t) needs search rights to this location.

With this setup, X is run as follows:
  /usr/bin/X :0 -auth /var/run/lightdm/root/:0

Changes since v1:
- Use read_files_pattern instead of separate allow rules

Signed-off-by: Jason Zaman <jason@perfinion.com>
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
 		2014-06-02 11:05:01 -04:00
..
flask flask: add the attach_queue permission to the tun_socket object class 2013-01-22 12:46:06 -05:00
modules xserver_t needs to ender dirs labeled xdm_var_run_t 2014-06-02 11:05:01 -04:00
support Add optional file name to filetrans_pattern. 2011-11-02 08:48:25 -04:00
constraints Allow user and role changes on dynamic transitions with the same constraints as regular transitions. 2011-09-02 09:59:26 -04:00
context_defaults Fix error in default_user example. 2014-04-28 10:19:22 -04:00
global_booleans Move secure_mode_policyload into selinux module as that is the only place it is used. 2011-09-26 09:53:23 -04:00
global_tunables Rename allow_console tunable to console_login. 2011-01-14 11:44:42 -05:00
mcs Implement mcs_constrained_type 2012-11-28 16:12:25 -05:00
mls Add MLS constraints for x_pointer and x_keyboard. 2013-08-26 08:30:05 -04:00
policy_capabilities
users Apply direct_initrc to unconfined_r:unconfined_t 2014-01-16 15:27:18 -05:00