summaryrefslogtreecommitdiff
path: root/config/appconfig-mcs/x_contexts
diff options
context:
space:
mode:
Diffstat (limited to 'config/appconfig-mcs/x_contexts')
-rw-r--r--config/appconfig-mcs/x_contexts109
1 files changed, 10 insertions, 99 deletions
diff --git a/config/appconfig-mcs/x_contexts b/config/appconfig-mcs/x_contexts
index 08da649d..0b320443 100644
--- a/config/appconfig-mcs/x_contexts
+++ b/config/appconfig-mcs/x_contexts
@@ -13,7 +13,7 @@
# The default client rule defines a context to be used for all clients
# connecting to the server from a remote host.
#
-client * system_u:object_r:remote_xclient_t:s0
+client * system_u:object_r:remote_t:s0
#
@@ -27,25 +27,10 @@ client * system_u:object_r:remote_xclient_t:s0
# rule indicated by an asterisk should follow all other property rules.
#
# Properties that normal clients may only read
-property XFree86_VT system_u:object_r:info_xproperty_t:s0
-property XFree86_DDC_EDID1_RAWDATA system_u:object_r:info_xproperty_t:s0
-property RESOURCE_MANAGER system_u:object_r:info_xproperty_t:s0
-property SCREEN_RESOURCES system_u:object_r:info_xproperty_t:s0
-property _MIT_PRIORITY_COLORS system_u:object_r:info_xproperty_t:s0
-property AT_SPI_IOR system_u:object_r:info_xproperty_t:s0
-property _SELINUX_CLIENT_CONTEXT system_u:object_r:info_xproperty_t:s0
-property _NET_WORKAREA system_u:object_r:info_xproperty_t:s0
-property _XKB_RULES_NAMES system_u:object_r:info_xproperty_t:s0
+property _SELINUX_* system_u:object_r:seclabel_xproperty_t:s0
# Clipboard and selection properties
-property CUT_BUFFER0 system_u:object_r:clipboard_xproperty_t:s0
-property CUT_BUFFER1 system_u:object_r:clipboard_xproperty_t:s0
-property CUT_BUFFER2 system_u:object_r:clipboard_xproperty_t:s0
-property CUT_BUFFER3 system_u:object_r:clipboard_xproperty_t:s0
-property CUT_BUFFER4 system_u:object_r:clipboard_xproperty_t:s0
-property CUT_BUFFER5 system_u:object_r:clipboard_xproperty_t:s0
-property CUT_BUFFER6 system_u:object_r:clipboard_xproperty_t:s0
-property CUT_BUFFER7 system_u:object_r:clipboard_xproperty_t:s0
+property CUT_BUFFER? system_u:object_r:clipboard_xproperty_t:s0
# Default fallback type
property * system_u:object_r:xproperty_t:s0
@@ -61,57 +46,11 @@ property * system_u:object_r:xproperty_t:s0
# Extension rules map an extension name to a context. A default extension
# rule indicated by an asterisk should follow all other extension rules.
#
-# Standard extensions
-extension BIG-REQUESTS system_u:object_r:std_xext_t:s0
-extension SHAPE system_u:object_r:std_xext_t:s0
-extension SYNC system_u:object_r:std_xext_t:s0
-extension XC-MISC system_u:object_r:std_xext_t:s0
-extension XFIXES system_u:object_r:std_xext_t:s0
-extension XInputExtension system_u:object_r:std_xext_t:s0
-extension XKEYBOARD system_u:object_r:std_xext_t:s0
-extension DAMAGE system_u:object_r:std_xext_t:s0
-extension RENDER system_u:object_r:std_xext_t:s0
-extension XINERAMA system_u:object_r:std_xext_t:s0
-
-# Direct hardware access extensions
-extension XFree86-DGA system_u:object_r:directhw_xext_t:s0
-extension XFree86-VidModeExtension system_u:object_r:directhw_xext_t:s0
-
-# Screen management and multihead extensions
-extension RANDR system_u:object_r:output_xext_t:s0
-extension Composite system_u:object_r:output_xext_t:s0
-
-# Screensaver, power management extensions
-extension DPMS system_u:object_r:screensaver_xext_t:s0
-extension MIT-SCREEN-SAVER system_u:object_r:screensaver_xext_t:s0
-
-# Shared memory extensions
-extension MIT-SHM system_u:object_r:shmem_xext_t:s0
-extension XFree86-Bigfont system_u:object_r:shmem_xext_t:s0
-
-# Accelerated graphics, OpenGL, direct rendering extensions
-extension GLX system_u:object_r:accelgraphics_xext_t:s0
-extension NV-CONTROL system_u:object_r:accelgraphics_xext_t:s0
-extension NV-GLX system_u:object_r:accelgraphics_xext_t:s0
-extension NVIDIA-GLX system_u:object_r:accelgraphics_xext_t:s0
-
-# Debugging, testing, and recording extensions
-extension RECORD system_u:object_r:debug_xext_t:s0
-extension X-Resource system_u:object_r:debug_xext_t:s0
-extension XTEST system_u:object_r:debug_xext_t:s0
-
-# Security-related extensions
-extension SECURITY system_u:object_r:security_xext_t:s0
-extension SELinux system_u:object_r:security_xext_t:s0
-extension XAccessControlExtension system_u:object_r:security_xext_t:s0
-extension XC-APPGROUP system_u:object_r:security_xext_t:s0
-
-# Video extensions
-extension XVideo system_u:object_r:video_xext_t:s0
-extension XVideo-MotionCompensation system_u:object_r:video_xext_t:s0
+# Restricted extensions
+extension SELinux system_u:object_r:security_xextension_t:s0
-# Default fallback type
-extension * system_u:object_r:xext_t:s0
+# Standard extensions
+extension * system_u:object_r:xextension_t:s0
#
@@ -124,8 +63,6 @@ extension * system_u:object_r:xext_t:s0
# rule indicated by an asterisk should follow all other selection rules.
#
# Standard selections
-selection XA_PRIMARY system_u:object_r:clipboard_xselection_t:s0
-selection XA_SECONDARY system_u:object_r:clipboard_xselection_t:s0
selection PRIMARY system_u:object_r:clipboard_xselection_t:s0
selection CLIPBOARD system_u:object_r:clipboard_xselection_t:s0
@@ -149,7 +86,6 @@ event X11:KeyRelease system_u:object_r:input_xevent_t:s0
event X11:ButtonPress system_u:object_r:input_xevent_t:s0
event X11:ButtonRelease system_u:object_r:input_xevent_t:s0
event X11:MotionNotify system_u:object_r:input_xevent_t:s0
-event X11:SelectionNotify system_u:object_r:input_xevent_t:s0
event XInputExtension:DeviceKeyPress system_u:object_r:input_xevent_t:s0
event XInputExtension:DeviceKeyRelease system_u:object_r:input_xevent_t:s0
event XInputExtension:DeviceButtonPress system_u:object_r:input_xevent_t:s0
@@ -159,36 +95,11 @@ event XInputExtension:DeviceValuator system_u:object_r:input_xevent_t:s0
event XInputExtension:ProximityIn system_u:object_r:input_xevent_t:s0
event XInputExtension:ProximityOut system_u:object_r:input_xevent_t:s0
-# Focus events
-event X11:FocusIn system_u:object_r:focus_xevent_t:s0
-event X11:FocusOut system_u:object_r:focus_xevent_t:s0
-event X11:EnterNotify system_u:object_r:focus_xevent_t:s0
-event X11:LeaveNotify system_u:object_r:focus_xevent_t:s0
-
-# Property events
-event X11:PropertyNotify system_u:object_r:property_xevent_t:s0
-
# Client message events
event X11:ClientMessage system_u:object_r:client_xevent_t:s0
-
-# Manager events
-event X11:ConfigureRequest system_u:object_r:manage_xevent_t:s0
-event X11:ResizeRequest system_u:object_r:manage_xevent_t:s0
-event X11:MapRequest system_u:object_r:manage_xevent_t:s0
-event X11:CirculateRequest system_u:object_r:manage_xevent_t:s0
-event X11:CreateNotify system_u:object_r:manage_xevent_t:s0
-event X11:DestroyNotify system_u:object_r:manage_xevent_t:s0
-event X11:MapNotify system_u:object_r:manage_xevent_t:s0
-event X11:UnmapNotify system_u:object_r:manage_xevent_t:s0
-event X11:ReparentNotify system_u:object_r:manage_xevent_t:s0
-event X11:ConfigureNotify system_u:object_r:manage_xevent_t:s0
-event X11:GravityNotify system_u:object_r:manage_xevent_t:s0
-event X11:CirculateNotify system_u:object_r:manage_xevent_t:s0
-event X11:Expose system_u:object_r:manage_xevent_t:s0
-event X11:VisibilityNotify system_u:object_r:manage_xevent_t:s0
-
-# Unknown events (that are not registered in the X server's name database)
-event <unknown> system_u:object_r:unknown_xevent_t:s0
+event X11:SelectionNotify system_u:object_r:client_xevent_t:s0
+event X11:UnmapNotify system_u:object_r:client_xevent_t:s0
+event X11:ConfigureNotify system_u:object_r:client_xevent_t:s0
# Default fallback type
event * system_u:object_r:xevent_t:s0