From: cpebenito@tresys.com (Christopher J. PeBenito)
To: refpolicy@oss.tresys.com
Subject: [refpolicy] [PATCH 1/6] Allow using user terminals
Date: Tue, 6 Sep 2011 14:30:47 -0400 [thread overview]
Message-ID: <4E6666D7.1040502@tresys.com> (raw)
In-Reply-To: <20110904112545.GB2631@siphos.be>
On 09/04/11 07:25, Sven Vermeulen wrote:
> In order to debug wireshark startup issues, it is important that
> wireshark, when started from a command line, is allowed to output its
> error messages.
>
> Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
> ---
> policy/modules/apps/wireshark.te | 1 +
> 1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/policy/modules/apps/wireshark.te b/policy/modules/apps/wireshark.te
> index 8bfe97d..0106846 100644
> --- a/policy/modules/apps/wireshark.te
> +++ b/policy/modules/apps/wireshark.te
> @@ -93,6 +93,7 @@ seutil_use_newrole_fds(wireshark_t)
> sysnet_read_config(wireshark_t)
>
> userdom_manage_user_home_content_files(wireshark_t)
> +userdom_use_user_terminals(wireshark_t)
>
> tunable_policy(`use_nfs_home_dirs',`
> fs_manage_nfs_dirs(wireshark_t)
Isn't wireshark an X app? Wouldn't it only need pty access?
--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com
next prev parent reply other threads:[~2011-09-06 18:30 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-09-04 11:25 [refpolicy] [PATCH 0/6] Wireshark application updates Sven Vermeulen
2011-09-04 11:25 ` [refpolicy] [PATCH 1/6] Allow using user terminals Sven Vermeulen
2011-09-06 18:30 ` Christopher J. PeBenito [this message]
2011-09-07 19:38 ` Sven Vermeulen
2011-09-04 11:26 ` [refpolicy] [PATCH 2/6] Allow wireshark to use the random device Sven Vermeulen
2011-09-04 11:26 ` [refpolicy] [PATCH 3/6] Remove duplicate corecmd_search_bin Sven Vermeulen
2011-09-04 11:27 ` [refpolicy] [PATCH 4/6] Allow wireshark to execute bin_t Sven Vermeulen
2011-09-04 11:27 ` [refpolicy] [PATCH 5/6] Dumpcap dumps the packets as packet_socket Sven Vermeulen
2011-09-04 11:28 ` [refpolicy] [PATCH 6/6] Grant wireshark read access on sysfs Sven Vermeulen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E6666D7.1040502@tresys.com \
--to=cpebenito@tresys.com \
--cc=refpolicy@oss.tresys.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.