selinux-refpolicy/policy
Guido Trentalancia 1c9c592a2f xserver: introduce new fc and interface to manage X session logs
The following patch (split in two parts, one for base and
another one for contrib) introduces a new file context for
the X session log files and two new interface to manage
them (instead of allowing to manage the whole user home
content files).

It is required after the recent confinement of graphical
desktop components (e.g. wm, xscreensaver).

The second version of the patch correctly uses file type
transitions and uses more tight permissions.

The third version simply moves some interface calls.

The fourth version introduces the new template for
username-dependent file contexts.

The fifth version moves other interface calls thanks to
further revisions from Christopher PeBenito (the corresponding
contrib policy part remains unchanged at version 4).

This sixth version, adds the missing diff relative to the
xserver.te policy file to declare the new xsession_log_t type.

The corresponding base policy patch is at version 4.

Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
2016-12-30 12:41:59 -05:00
..
flask refpolicy: Define extended_socket_class policy capability and socket classes 2016-12-08 18:07:42 -05:00
modules xserver: introduce new fc and interface to manage X session logs 2016-12-30 12:41:59 -05:00
support refpolicy: Define extended_socket_class policy capability and socket classes 2016-12-08 18:07:42 -05:00
constraints remove trailing whitespaces 2016-12-06 13:45:13 +01:00
context_defaults Fix error in default_user example. 2014-04-28 10:19:22 -04:00
global_booleans
global_tunables user_udp_server tunable 2016-08-02 19:44:16 -04:00
mcs remove trailing whitespaces 2016-12-06 13:45:13 +01:00
mls remove trailing whitespaces 2016-12-06 13:45:13 +01:00
policy_capabilities refpolicy: Define extended_socket_class policy capability and socket classes 2016-12-08 18:07:42 -05:00
users Apply direct_initrc to unconfined_r:unconfined_t 2014-01-16 15:27:18 -05:00