From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Tue, 3 Dec 2013 08:52:54 -0500
Subject: [refpolicy] [PATCH 37/39] xserver: already allowed by
	auth_login_pgm_domain(xdm_t)
In-Reply-To: <1383990320-3340-37-git-send-email-dominick.grift@gmail.com>
References: <1383990320-3340-1-git-send-email-dominick.grift@gmail.com>
	<1383990320-3340-37-git-send-email-dominick.grift@gmail.com>
Message-ID: <529DE236.7070109@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 11/09/13 04:45, Dominick Grift wrote:
> Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
> ---
>  policy/modules/services/xserver.te | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
> index 8b40377..a7faaad 100644
> --- a/policy/modules/services/xserver.te
> +++ b/policy/modules/services/xserver.te
> @@ -301,7 +301,7 @@ optional_policy(`
>  #
>  
>  allow xdm_t self:capability { setgid setuid sys_resource kill sys_tty_config mknod chown dac_override dac_read_search fowner fsetid ipc_owner sys_nice sys_rawio net_bind_service };
> -allow xdm_t self:process { setexec setpgid getsched setsched setrlimit signal_perms setkeycreate };
> +allow xdm_t self:process { setexec setpgid getsched setsched setrlimit signal_perms };
>  allow xdm_t self:fifo_file rw_fifo_file_perms;
>  allow xdm_t self:shm create_shm_perms;
>  allow xdm_t self:sem create_sem_perms;
 
Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com