From: pebenito@ieee.org (Chris PeBenito)
Date: Sun, 10 Jun 2018 13:09:33 -0400
Subject: [refpolicy] [PATCH 1/2] gpg: Introduce gpg_exec_agent()
In-Reply-To: <20180608112400.34685-1-jason@perfinion.com>
References: <20180608112400.34685-1-jason@perfinion.com>
Message-ID:
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 06/08/2018 07:23 AM, Jason Zaman wrote:
> --- > gpg.if | 19 +++++++++++++++++++ > 1 file changed, 19 insertions(+) > > diff --git a/gpg.if b/gpg.if > index 359560f..78efb18 100644 > --- a/gpg.if > +++ b/gpg.if > @@ -123,6 +123,25 @@ interface(`gpg_spec_domtrans',` > domain_auto_transition_pattern($1, gpg_exec_t, $2) > ') > > +######################################## > +## > +## Execute the gpg-agent in the caller domain. > +## > +## > +## > +## Domain allowed access. > +## > +## > +# > +interface(`gpg_exec_agent',` > + gen_require(` > + type gpg_agent_exec_t; > + ') > + > + corecmd_search_bin($1) > + can_exec($1, gpg_agent_exec_t) > +') > + > ###################################### > ## > ## Make gpg executable files an

Merged.

--
Chris PeBenito
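
Review bot: The patch carries no description above the `---`, and the new `gpg_exec_agent()` interface grants `can_exec($1, gpg_agent_exec_t)`, so gpg-agent runs in the caller's domain with the caller's permissions instead of transitioning to a confined agent domain. The commit message should name the caller that needs this and say why execution without a domain transition is acceptable for it; patch 2/2 presumably supplies that caller, but nothing in this hunk records it. In this copy the comment block above the interface shows only bare `##` lines around the summary and the parameter description, so it is worth confirming the interface documentation markup is intact in the applied patch.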