2012-10-18 18:28:05

by dominick.grift

Subject: [refpolicy] [PATCH v1] Changes to the xserver policy module


These interfaces are needed by at least plymouth

Previous patch had an interface with an improper name

Signed-off-by: Dominick Grift <[email protected]>
diff --git a/policy/modules/services/xserver.if b/policy/modules/services/xserver.if
index 130ced9..322dd66 100644
--- a/policy/modules/services/xserver.if
+++ b/policy/modules/services/xserver.if
@@ -713,6 +713,47 @@

########################################
## <summary>
+## Create, read, write, and delete
+## xdm spool files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xserver_manage_xdm_spool_files',`
+ gen_require(`
+ type xdm_spool_t;
+ ')
+
+ files_search_spool($1)
+ manage_files_pattern($1, xdm_spool_t, xdm_spool_t)
+')
+
+########################################
+## <summary>
+## Read xdm process state files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xserver_read_state_xdm',`
+ gen_require(`
+ type xdm_t;
+ ')
+
+ kernel_search_proc($1)
+ allow $1 xdm_t:dir list_dir_perms;
+ allow $1 xdm_t:file read_file_perms;
+ allow $1 xdm_t:lnk_file read_lnk_file_perms;
+')
+
+########################################
+## <summary>
## Connect to XDM over a unix domain
## stream socket.
## </summary>
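Review bot: The summary on `xserver_read_state_xdm` says only "Read xdm process state files", but the three `allow $1 xdm_t:...` rules let the caller list and read every file and symlink labeled `xdm_t`, which for a process domain means the entries under xdm's /proc/PID directory. Since xdm handles logins, I would spell that scope out in the summary, for example `## Read xdm process state files (all entries under /proc/PID labeled xdm_t).`, so that reviewers of calling modules see what they are granting. Separately, `xserver_manage_xdm_spool_files` grants create, write and delete on `xdm_spool_t` files. If the caller named in the description needs only a subset, a narrower read or read/write interface would fit least privilege better, though that cannot be judged from this hunk alone.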