Permalink
Browse files

Adding patches for base policy

  • Loading branch information...
sjvermeu committed Dec 22, 2011
1 parent 5bfe751 commit b1899e7c0985e66922c4f4465d5c06dddb63c160
@@ -1,14 +1,11 @@
--- refpolicy/policy/modules/services/gorg.te 1970-01-01 01:00:00.000000000 +0100
-+++ refpolicy/policy/modules/services/gorg.te 2011-12-06 10:22:57.352020520 +0100
-@@ -0,0 +1,65 @@
++++ refpolicy/policy/modules/services/gorg.te 2011-12-06 11:27:02.279028727 +0100
+@@ -0,0 +1,62 @@
+policy_module(gorg, 1.0.0)
+
+type gorg_t;
+type gorg_exec_t;
-+typealias gorg_t alias { staff_gorg_t user_gorg_t };
+application_domain(gorg_t, gorg_exec_t)
-+role staff_r types gorg_t;
-+role user_r types gorg_t;
+
+type gorg_cache_t;
+files_type(gorg_cache_t);
@@ -0,0 +1,48 @@
+--- refpolicy/policy/modules/apps/mutt.te 2011-12-09 20:15:50.042001485 +0100
++++ refpolicy/policy/modules/apps/mutt.te 2011-12-09 19:05:52.690642348 +0100
+@@ -37,7 +37,6 @@
+
+ allow mutt_t self:process signal_perms;
+ allow mutt_t self:fifo_file rw_fifo_file_perms;
+-# TODO dgrift has self:unix_stream_socket create_socket_perms; here too?
+
+ manage_dirs_pattern(mutt_t, mutt_home_t, mutt_home_t)
+ manage_files_pattern(mutt_t, mutt_home_t, mutt_home_t)
+@@ -45,8 +44,6 @@
+
+ manage_dirs_pattern(mutt_t, mutt_tmp_t, mutt_tmp_t)
+ manage_files_pattern(mutt_t, mutt_tmp_t, mutt_tmp_t)
+-# TODO check if this is needed - where are these fifos created as mutt_tmp_t ? There is no filetrans defined for it.
+-#manage_fifo_files_pattern(mutt_t, mutt_tmp_t, mutt_tmp_t)
+ files_tmp_filetrans(mutt_t, mutt_tmp_t, { file dir })
+
+ read_files_pattern(mutt_t, mutt_etc_t, mutt_etc_t)
+@@ -54,7 +51,6 @@
+ read_files_pattern(mutt_t, mutt_conf_t, mutt_conf_t)
+
+
+-# TODO dgrift has kernel_read_crypto_sysctls(mutt_t)
+ kernel_read_system_state(mutt_t)
+
+ corecmd_exec_bin(mutt_t)
+@@ -84,8 +80,6 @@
+
+ miscfiles_read_localization(mutt_t)
+
+-userdom_manage_xdg_cache_home(mutt_t)
+-userdom_read_xdg_config_home(mutt_t)
+ userdom_search_user_home_content(mutt_t)
+ userdom_use_user_terminals(mutt_t)
+
+@@ -93,6 +87,11 @@
+ gpg_domtrans(mutt_t)
+ ')
+
++optional_policy(`
++ xdg_manage_generic_cache_home_content(mutt_t)
++ xdg_read_generic_config_home_files(mutt_t)
++')
++
+ tunable_policy(`mutt_manage_user_content',`
+ # Needed for handling attachments
+ userdom_manage_user_home_content_files(mutt_t)
Oops, something went wrong.

0 comments on commit b1899e7

Please sign in to comment.