Changeset 2623
- Timestamp:
- 02/21/08 13:58:02
(10 months ago)
- Author:
- pebenito
- Message:
xselinux: dont deprecate user client template yet. make per-role rules unconditional.
-
Files:
-
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
| r2621 |
r2623 |
|
| 470 | 470 | # |
|---|
| 471 | 471 | |
|---|
| | 472 | # Device rules |
|---|
| | 473 | allow $1_x_domain $2:x_device { read getattr setattr setfocus grab bell }; |
|---|
| | 474 | |
|---|
| | 475 | allow $2 { input_xevent_t $1_input_xevent_type }:x_event send; |
|---|
| | 476 | allow $2 { x_rootwindow_t $1_x_domain }:x_drawable send; |
|---|
| | 477 | |
|---|
| 472 | 478 | mls_xwin_read_to_clearance($2) |
|---|
| 473 | 479 | |
|---|
| 474 | 480 | xserver_common_x_domain_template($1,$1,$2) |
|---|
| 475 | | |
|---|
| 476 | | tunable_policy(`xserver_object_manager',` |
|---|
| 477 | | # Device rules |
|---|
| 478 | | allow $1_x_domain $2:x_device { read getattr setattr setfocus grab bell }; |
|---|
| 479 | | |
|---|
| 480 | | allow $2 { input_xevent_t $1_input_xevent_type }:x_event send; |
|---|
| 481 | | allow $2 { x_rootwindow_t $1_x_domain }:x_drawable send; |
|---|
| 482 | | ') |
|---|
| 483 | 481 | ') |
|---|
| 484 | 482 | |
|---|
| … | … | |
| 587 | 585 | # |
|---|
| 588 | 586 | template(`xserver_user_client_template',` |
|---|
| 589 | | |
|---|
| | 587 | # refpolicywarn(`$0() has been deprecated, please use xserver_user_x_domain_template instead.') |
|---|
| 590 | 588 | gen_require(` |
|---|
| 591 | 589 | type xdm_t, xdm_tmp_t; |
|---|
Download in other formats:
* Generating other formats may take time.
