-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://people.fedoraproject.org/~dwalsh/SELinux/F11/system_userdomain.patch
The biggest change in this patch is the addition of the $1_usertype.
Instead of using $1_t for all user access, I use $1_usertype. This
allows me to make $1_java_t == $1_t + { execmem execstack}. Similar for
$1_mono_t.
Changed many templates to interfaces, since they were not defining new
types.
Added labeling for symbolic links of homedirs
Labeling for /dev/shm files.
My labeling of /root
added userhomereader attribute in order to allow tunables within tunables.
Added user_home_type handling so we can define additionaly types to the
home dir and still allow users to manage them. (ssh_home_t for example.)
Removed a couple of old booleans that really do not make sense
user_dmesg? Should be only applied to a particular type staff_t maybe,
not all users. guest_t will never run dmesg.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkmuwtgACgkQrlYvE4MpobNoAwCgjcErx5UIQQS91KBMYMnhAl3F
HlgAoLRQrISDwEe00jx73VWzQnq3sBpI
=TwUE
-----END PGP SIGNATURE-----