From: ewalsh@tycho.nsa.gov (Eamon Walsh) Date: Tue, 27 Oct 2009 22:05:54 -0400 Subject: [refpolicy] [PATCH 0/3] Updated X object manager policy -v2: Intro Message-ID: <4AE7A702.60309@tycho.nsa.gov> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com This patch series is an updated policy for the X server object manager. This is the policy that I was running in Portland for my various demos. It includes new x_pointer/x_keyboard classes, unconfined-by-default user types, and other changes. The only thing missing here is updated mls constraints; I am still working on those. The 3 patches here are NOT independent and breakage will probably result if only some of them are applied. I only broke them up in an attempt to make it easier to review the changes. This is also available in a git tree at git://anongit.freedesktop.org/~ewalsh/refpolicy (branch "master"), for ease of pulling. Changes from -v1: Dropped the x_keyboard/x_pointer object class patch (already pushed). Dropped the patch making system_dbusd_t and consolekit_t unconfined. This is so the focus is only on the changes to the xserver module. No changes to the existing xserver_role and xserver_restricted_role interfaces. The existing UBAC-based controls have been restored. Removed an apostrophe in a comment that was causing m4 errors. -- Eamon Walsh National Security Agency