--- ./apps/mozilla.if~ 2006-11-27 17:27:46.000000000 -0500 +++ ./apps/mozilla.if 2006-11-28 14:45:07.000000000 -0500 @@ -33,7 +33,11 @@ ## # template(`mozilla_per_role_template',` - + gen_require(` + type mozilla_exec_t; + type mozilla_conf_t; + ') + ######################################## # # Declarations --- ./apps/loadkeys.if~ 2006-11-27 17:27:46.000000000 -0500 +++ ./apps/loadkeys.if 2006-11-28 15:10:28.000000000 -0500 @@ -50,18 +50,13 @@ ## # interface(`loadkeys_run',` - ifdef(`targeted_policy',` - # $0(): disabled in targeted policy as there - # is no loadkeys domain. - ',` - gen_require(` - type loadkeys_t; - ') - - loadkeys_domtrans($1) - role $2 types loadkeys_t; - allow loadkeys_t $3:chr_file rw_term_perms; + gen_require(` + type loadkeys_t; ') + + loadkeys_domtrans($1) + role $2 types loadkeys_t; + allow loadkeys_t $3:chr_file rw_term_perms; ') ######################################## --- ./services/xserver.if~ 2006-11-27 17:27:46.000000000 -0500 +++ ./services/xserver.if 2006-11-28 15:19:10.000000000 -0500 @@ -13,6 +13,9 @@ ## # template(`xserver_common_domain_template',` + gen_require(` + type xserver_exec_t, xkb_var_lib_t, xserver_log_t; + ') ############################## # @@ -222,6 +225,11 @@ # template(`xserver_per_role_template',` + gen_require(` + type iceauth_exec_t, xauth_exec_t; + attribute fonts_type, fonts_cache_type, fonts_config_type; + ') + ############################## # # Declarations --- ./system/userdomain.if~ 2006-11-27 17:27:46.000000000 -0500 +++ ./system/userdomain.if 2006-11-28 15:10:48.000000000 -0500 @@ -654,6 +654,9 @@ ## # template(`userdom_common_user_template',` + gen_require(` + attribute unpriv_userdomain; + ') userdom_base_user_template($1) @@ -916,6 +919,11 @@ ## # template(`userdom_unpriv_user_template', ` + + gen_require(` + attribute user_ptynode, user_home_dir_type, user_home_type, user_tmpfile, user_ttynode, privhome; + ') + ############################## # # Declarations @@ -1051,7 +1059,7 @@ template(`userdom_admin_user_template',` gen_require(` class passwd { passwd chfn chsh rootok crontab }; - attribute admin_terminal; + attribute admin_terminal, privhome; ') ##############################