[refpolicy] services_consolekit.patch

Thu May 14 10:14:41 CDT 2009

On Tue, 2009-03-24 at 09:31 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_consolekit.patch
> 
> New file context for consolekit.
> 
> Add interface to allow confined apps to read consolekit logs
> 
> userdomain and xserver do this.
> 
> consolkit execs shell
> 
> Dontaudit ptrace all domains
> 
> Reads usr_t files
> 
> Communicates with lots of domains via dbus
> 
> Uses polkit
> 
> Needs to read files in nfs and cifs homedirs.

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150