d76d9e13b1
The dangerous execheap permission is removed from xdm and the dangerous execmem permission is only enabled for the Gnome Display Manager (gnome-shell running in gdm mode) through a new "xserver_gnome_xdm" boolean. This patch also updates the XKB libs file context with their default location (which at the moment is not compliant with FHS3 due to the fact that it allows by default to write the output from xkbcomp), adds the ability to read udev pid files and finally adds a few permissions so that xconsole can run smoothly. The anomalous permission to execute XKB var library files has been removed and the old X11R6 library location has been updated so that subdirectories are also labeled as xkb_var_lib. This patch includes various improvements and bug fixes as kindly suggested in reviews made by Christopher PeBenito. Signed-off-by: Guido Trentalancia <guido@trentalancia.net> |
||
|---|---|---|
| .. | ||
| flask | ||
| modules | ||
| support | ||
| constraints | ||
| context_defaults | ||
| global_booleans | ||
| global_tunables | ||
| mcs | ||
| mls | ||
| policy_capabilities | ||
| users | ||