policy_module(unprivuser) # this module should be named user, but that is # a compile error since user is a keyword. ######################################## # # Declarations # #role user_r; userdom_unpriv_user_template(user) optional_policy(` apache_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` git_client_role_template(user, user_t, user_application_exec_domain, user_r) git_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` modemmanager_dbus_chat(user_t) ') optional_policy(` screen_role_template(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` vlock_run(user_t, user_r) ') optional_policy(` xscreensaver_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` xserver_role(user, user_t, user_application_exec_domain, user_r) ') ifndef(`distro_redhat',` optional_policy(` auth_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` bluetooth_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` cdrecord_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` chromium_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` cron_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` dirmngr_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` evolution_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` games_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` gnome_role_template(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` gpg_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` hadoop_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` irc_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` java_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` libmtp_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` lpd_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` mozilla_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` mplayer_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` mta_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` ooffice_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` postgresql_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` pulseaudio_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` pyzor_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` razor_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` rssh_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` sigrok_run(user_r, user_t) ') optional_policy(` spamassassin_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` ssh_role_template(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` su_role_template(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` sudo_role_template(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` syncthing_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` telepathy_role_template(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` thunderbird_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` tvtime_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` uml_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` userhelper_role_template(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` vmware_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` wireshark_role(user, user_t, user_application_exec_domain, user_r) ') optional_policy(` wm_role_template(user, user_t, user_application_exec_domain, user_r) ') ')