* [refpolicy] [PATCH] Allow the xdm_t domain to enter all the gkeyringd ones
@ 2014-04-11 17:28 Laurent Bigonville
2014-04-15 13:30 ` Christopher J. PeBenito
0 siblings, 1 reply; 2+ messages in thread
From: Laurent Bigonville @ 2014-04-11 17:28 UTC (permalink / raw)
To: refpolicy
From: Laurent Bigonville <bigon@bigon.be>
During the opening of the session, the pam_gnome_keyring module is
starting the daemon in the gkeyringd user domain, allow xdm_t to
transition to it.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742966
---
policy/modules/services/xserver.te | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
index 8479a52..a86f701 100644
--- a/policy/modules/services/xserver.te
+++ b/policy/modules/services/xserver.te
@@ -524,6 +524,10 @@ optional_policy(`
')
optional_policy(`
+ gnome_spec_domtrans_all_gkeyringd(xdm_t)
+')
+
+optional_policy(`
# Talk to the console mouse server.
gpm_stream_connect(xdm_t)
gpm_setattr_gpmctl(xdm_t)
--
1.9.2
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [refpolicy] [PATCH] Allow the xdm_t domain to enter all the gkeyringd ones
2014-04-11 17:28 [refpolicy] [PATCH] Allow the xdm_t domain to enter all the gkeyringd ones Laurent Bigonville
@ 2014-04-15 13:30 ` Christopher J. PeBenito
0 siblings, 0 replies; 2+ messages in thread
From: Christopher J. PeBenito @ 2014-04-15 13:30 UTC (permalink / raw)
To: refpolicy
On 04/11/2014 01:28 PM, Laurent Bigonville wrote:
> From: Laurent Bigonville <bigon@bigon.be>
>
> During the opening of the session, the pam_gnome_keyring module is
> starting the daemon in the gkeyringd user domain, allow xdm_t to
> transition to it.
>
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742966
> ---
> policy/modules/services/xserver.te | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
> index 8479a52..a86f701 100644
> --- a/policy/modules/services/xserver.te
> +++ b/policy/modules/services/xserver.te
> @@ -524,6 +524,10 @@ optional_policy(`
> ')
>
> optional_policy(`
> + gnome_spec_domtrans_all_gkeyringd(xdm_t)
> +')
> +
> +optional_policy(`
> # Talk to the console mouse server.
> gpm_stream_connect(xdm_t)
> gpm_setattr_gpmctl(xdm_t)
Merged.
--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-04-15 13:30 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-04-11 17:28 [refpolicy] [PATCH] Allow the xdm_t domain to enter all the gkeyringd ones Laurent Bigonville
2014-04-15 13:30 ` Christopher J. PeBenito
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.