[refpolicy] services_consolekit.patch

Daniel J Walsh dwalsh at redhat.com
Tue Mar 24 08:31:38 CDT 2009


http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_consolekit.patch

New file context for consolekit.

Add interface to allow confined apps to read consolekit logs

userdomain and xserver do this.

consolkit execs shell

Dontaudit ptrace all domains

Reads usr_t files

Communicates with lots of domains via dbus

Uses polkit

Needs to read files in nfs and cifs homedirs.


More information about the refpolicy mailing list