From: dsugar@tresys.com (David Sugar)
Date: Tue, 12 Dec 2017 02:15:12 +0000
Subject: [refpolicy] [PATCH 0/3-v4] Re-work of patch related to files created in /run/user/%{USERID}/
Message-ID:
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

This is the fourth re-work of the patches previously submitted based on
feedback from Dominick and Chris.

Changes in userdomain to create an attribute (user_runtime_content_type)
for files in /run/user/%{USERID}/. Then changes in systemd_logind to use
interfaces to delete various types with this attribute.

Updated based on Chris's feedback to correctly name interfaces using the
new attribute. I hope it is fully correct this time.

Dave Sugar (3):
  Make an attribute for objects in /run/user/%{USERID}/*
  Make xdm directories created in /run/user/%{USERID}/ xdm_runtime_t (user_runtime_content_type)
  Allow systemd_logind to delete user_runtime_content_type files

 policy/modules/services/xserver.te  |   9 +++
 policy/modules/system/systemd.te    |   6 +-
 policy/modules/system/userdomain.if | 156 +++++++++++++++++++++++++++++++++++-
 policy/modules/system/userdomain.te |   4 +
 4 files changed, 173 insertions(+), 2 deletions(-)

--
2.13.6