From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Tue, 09 Feb 2010 08:48:14 -0500
Subject: [refpolicy] [PATCH 1/1] Add an interface for listing contents
 of user home directories.
In-Reply-To: <1264884067-14886-1-git-send-email-stefan@seekline.net>
References: <1264884067-14886-1-git-send-email-stefan@seekline.net>
Message-ID: <1265723294.911.3.camel@gorn.columbia.tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Sat, 2010-01-30 at 21:41 +0100, Stefan Schulze Frielinghaus wrote:
> Signed-off-by: Stefan Schulze Frielinghaus <stefan@seekline.net>
> ---
>  policy/modules/system/userdomain.if |   18 ++++++++++++++++++
>  1 files changed, 18 insertions(+), 0 deletions(-)

Merged.

> diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
> index f209ccf..1f234ef 100644
> --- a/policy/modules/system/userdomain.if
> +++ b/policy/modules/system/userdomain.if
> @@ -1414,6 +1414,24 @@ interface(`userdom_dontaudit_search_user_home_dirs',`
>  
>  ########################################
>  ## <summary>
> +##      List contents of users home directory.
> +## </summary>
> +## <param name="domain">
> +##      <summary>
> +##      Domain allowed access.
> +##      </summary>
> +## </param>
> +#
> +interface(`userdom_list_user_home_content',`
> +	gen_require(`
> +		type user_home_t;
> +	')
> +
> +	allow $1 user_home_t:dir list_dir_perms;
> +')
> +
> +########################################
> +## <summary>
>  ##	List user home directories.
>  ## </summary>
>  ## <param name="domain">

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150