diff options
| author | Dominick Grift <domg472@gmail.com> | 2009-10-22 16:23:43 +0200 |
|---|---|---|
| committer | Chris PeBenito <cpebenito@tresys.com> | 2009-10-22 10:33:05 -0400 |
| commit | a92ee5012636c565061214d30177e0cd51f5c4dd (patch) | |
| tree | 04a0319ad26fb752475f7f8764910d863a46eed8 /policy | |
| parent | 5b6bd092131d67ebf3a482507e0d90685bea4676 (diff) | |
Implement screen-locking feature.
Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
Diffstat (limited to 'policy')
| -rw-r--r-- | policy/modules/apps/screen.if | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/policy/modules/apps/screen.if b/policy/modules/apps/screen.if index ac70bc08..9e2f2097 100644 --- a/policy/modules/apps/screen.if +++ b/policy/modules/apps/screen.if @@ -44,6 +44,7 @@ template(`screen_role_template',` # allow $1_screen_t self:capability { setuid setgid fsetid }; + allow $1_screen_t self:fifo_file rw_fifo_file_perms; allow $1_screen_t self:process signal_perms; allow $1_screen_t self:tcp_socket create_stream_socket_perms; allow $1_screen_t self:udp_socket create_socket_perms; @@ -117,6 +118,7 @@ template(`screen_role_template',` fs_search_auto_mountpoints($1_screen_t) fs_getattr_xattr_fs($1_screen_t) + auth_domtrans_chk_passwd($1_screen_t) auth_use_nsswitch($1_screen_t) auth_dontaudit_read_shadow($1_screen_t) auth_dontaudit_exec_utempter($1_screen_t) |