Signed-off-by: Dominick Grift <[email protected]>
---
:100644 100644 ac70bc0... 9e2f209... M policy/modules/apps/screen.if
policy/modules/apps/screen.if | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/policy/modules/apps/screen.if b/policy/modules/apps/screen.if
index ac70bc0..9e2f209 100644
--- a/policy/modules/apps/screen.if
+++ b/policy/modules/apps/screen.if
@@ -44,6 +44,7 @@ template(`screen_role_template',`
#
allow $1_screen_t self:capability { setuid setgid fsetid };
+ allow $1_screen_t self:fifo_file rw_fifo_file_perms;
allow $1_screen_t self:process signal_perms;
allow $1_screen_t self:tcp_socket create_stream_socket_perms;
allow $1_screen_t self:udp_socket create_socket_perms;
@@ -117,6 +118,7 @@ template(`screen_role_template',`
fs_search_auto_mountpoints($1_screen_t)
fs_getattr_xattr_fs($1_screen_t)
+ auth_domtrans_chk_passwd($1_screen_t)
auth_use_nsswitch($1_screen_t)
auth_dontaudit_read_shadow($1_screen_t)
auth_dontaudit_exec_utempter($1_screen_t)
--
1.6.5.rc2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20091022/5fdb101b/attachment.bin
On Thu, 2009-10-22 at 16:23 +0200, Dominick Grift wrote:
> Signed-off-by: Dominick Grift <[email protected]>
Merged.
> ---
> :100644 100644 ac70bc0... 9e2f209... M policy/modules/apps/screen.if
> policy/modules/apps/screen.if | 2 ++
> 1 files changed, 2 insertions(+), 0 deletions(-)
>
> diff --git a/policy/modules/apps/screen.if b/policy/modules/apps/screen.if
> index ac70bc0..9e2f209 100644
> --- a/policy/modules/apps/screen.if
> +++ b/policy/modules/apps/screen.if
> @@ -44,6 +44,7 @@ template(`screen_role_template',`
> #
>
> allow $1_screen_t self:capability { setuid setgid fsetid };
> + allow $1_screen_t self:fifo_file rw_fifo_file_perms;
> allow $1_screen_t self:process signal_perms;
> allow $1_screen_t self:tcp_socket create_stream_socket_perms;
> allow $1_screen_t self:udp_socket create_socket_perms;
> @@ -117,6 +118,7 @@ template(`screen_role_template',`
> fs_search_auto_mountpoints($1_screen_t)
> fs_getattr_xattr_fs($1_screen_t)
>
> + auth_domtrans_chk_passwd($1_screen_t)
> auth_use_nsswitch($1_screen_t)
> auth_dontaudit_read_shadow($1_screen_t)
> auth_dontaudit_exec_utempter($1_screen_t)
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150