diff options
Diffstat (limited to 'policy/modules/system/unconfined.fc')
| -rw-r--r-- | policy/modules/system/unconfined.fc | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/policy/modules/system/unconfined.fc b/policy/modules/system/unconfined.fc new file mode 100644 index 00000000..08643f95 --- /dev/null +++ b/policy/modules/system/unconfined.fc @@ -0,0 +1,12 @@ +# Add programs here which should not be confined by SELinux +# e.g.: +# /usr/local/bin/appsrv -- gen_context(system_u:object_r:unconfined_exec_t,s0) +# For the time being until someone writes a sane policy, we need initrc to transition to unconfined_t +/usr/bin/vncserver -- gen_context(system_u:object_r:unconfined_exec_t,s0) + +ifdef(`targeted_policy',` +/usr/lib/openoffice.org.*/program/.*\.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0) +/usr/bin/valgrind -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0) +/usr/local/RealPlay/realplay.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0) +/usr/bin/mplayer -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0) +') |