diff options
-rw-r--r-- | policy/modules/system/userdomain.if | 8 | ||||
-rw-r--r-- | policy/modules/system/userdomain.te | 2 |
2 files changed, 5 insertions, 5 deletions
diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if index 57d58859..41bb2eeb 100644 --- a/policy/modules/system/userdomain.if +++ b/policy/modules/system/userdomain.if @@ -1039,7 +1039,7 @@ template(`userdom_unpriv_user_template', ` # template(`userdom_admin_user_template',` gen_require(` - attribute admin_tun_type; + attribute admindomain; class passwd { passwd chfn chsh rootok }; ') @@ -1055,7 +1055,7 @@ template(`userdom_admin_user_template',` domain_obj_id_change_exemption($1_t) role system_r types $1_t; - typeattribute $1_t admin_tun_type; + typeattribute $1_t admindomain; ifdef(`direct_sysadm_daemon',` domain_system_change_exemption($1_t) @@ -1295,10 +1295,10 @@ interface(`userdom_user_home_content',` # interface(`userdom_attach_admin_tun_iface',` gen_require(` - attribute admin_tun_type; + attribute admindomain; ') - allow $1 admin_tun_type:tun_socket relabelfrom; + allow $1 admindomain:tun_socket relabelfrom; allow $1 self:tun_socket relabelto; ') diff --git a/policy/modules/system/userdomain.te b/policy/modules/system/userdomain.te index 8cfd9116..f7675a08 100644 --- a/policy/modules/system/userdomain.te +++ b/policy/modules/system/userdomain.te @@ -49,7 +49,7 @@ gen_tunable(user_rw_noexattrfile, false) ## </desc> gen_tunable(user_ttyfile_stat, false) -attribute admin_tun_type; +attribute admindomain; # all user domains attribute userdomain; |