From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Fri, 07 Dec 2012 00:50:32 -0500
Subject: [refpolicy] [PATCH 6/7] Label /etc/rc.d/init.d/x11-common as
 xdm_exec_t
In-Reply-To: <1354739968-4547-6-git-send-email-bigon@debian.org>
References: <1354739968-4547-1-git-send-email-bigon@debian.org>
	<1354739968-4547-6-git-send-email-bigon@debian.org>
Message-ID: <50C183A8.2080707@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 12/5/2012 3:39 PM, Laurent Bigonville wrote:
> From: Laurent Bigonville <bigon@bigon.be>
>
> In Debian, this initscript is creating both /tmp/.X11-unix and
> /tmp/.ICE-unix. This allows the directory to transition to the context
> defined in the filecontext.
> ---
>   policy/modules/services/xserver.fc |    1 +
>   1 file changed, 1 insertion(+)
>
> diff --git a/policy/modules/services/xserver.fc b/policy/modules/services/xserver.fc
> index 9393f65..7e96559 100644
> --- a/policy/modules/services/xserver.fc
> +++ b/policy/modules/services/xserver.fc
> @@ -27,6 +27,7 @@ HOME_DIR/\.Xauthority.*	--	gen_context(system_u:object_r:xauth_home_t,s0)
>   /etc/kde[34]?/kdm/Xsession --	gen_context(system_u:object_r:xsession_exec_t,s0)
>   /etc/kde[34]?/kdm/backgroundrc	gen_context(system_u:object_r:xdm_var_run_t,s0)
>
> +/etc/rc\.d/init\.d/x11-common -- gen_context(system_u:object_r:xdm_exec_t,s0)
>   /etc/rc\.d/init\.d/xfree86-common -- gen_context(system_u:object_r:xserver_exec_t,s0)
>
>   /etc/X11/[wx]dm/Xreset.* --	gen_context(system_u:object_r:xsession_exec_t,s0)

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com