Several DMs offer the possibility to shutdown the system. I personally
don't think a bool is neccessary for this permission, but I wouldn't
oppose one either.
---
policy/modules/services/xserver.te | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
index f81fcac..30e544c 100644
--- a/policy/modules/services/xserver.te
+++ b/policy/modules/services/xserver.te
@@ -559,6 +559,10 @@ optional_policy(`
')
optional_policy(`
+ shutdown_domtrans(xdm_t)
+')
+
+optional_policy(`
udev_read_db(xdm_t)
')
--
2.0.0
On 06/04/2014 11:12 AM, Luis Ressel wrote:
> Several DMs offer the possibility to shutdown the system. I personally
> don't think a bool is neccessary for this permission, but I wouldn't
> oppose one either.
> ---
> policy/modules/services/xserver.te | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
> index f81fcac..30e544c 100644
> --- a/policy/modules/services/xserver.te
> +++ b/policy/modules/services/xserver.te
> @@ -559,6 +559,10 @@ optional_policy(`
> ')
>
> optional_policy(`
> + shutdown_domtrans(xdm_t)
> +')
> +
> +optional_policy(`
> udev_read_db(xdm_t)
> ')
Merged.
--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com