commit: 30a012aabb170a3570d6f1b6db26e684754f0609
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sun Sep 10 12:55:13 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Sep 10 12:55:13 2017 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=30a012aa
xserver: add map perms
policy/modules/services/xserver.te | 2 ++
1 file changed, 2 insertions(+)
diff --git a/policy/modules/services/xserver.te
b/policy/modules/services/xserver.te
index a88e4af5..fe100b06 100644
--- a/policy/modules/services/xserver.te
+++ b/policy/modules/services/xserver.te
@@ -667,6 +667,7 @@ files_tmp_filetrans(xserver_t, xserver_tmp_t, { file dir
sock_file })
filetrans_pattern(xserver_t, xserver_tmp_t, xserver_tmp_t, sock_file)
+allow xserver_t xserver_tmpfs_t:file map;
manage_dirs_pattern(xserver_t, xserver_tmpfs_t, xserver_tmpfs_t)
manage_files_pattern(xserver_t, xserver_tmpfs_t, xserver_tmpfs_t)
manage_lnk_files_pattern(xserver_t, xserver_tmpfs_t, xserver_tmpfs_t)
@@ -779,6 +780,7 @@ userdom_use_user_ttys(xserver_t)
userdom_setattr_user_ttys(xserver_t)
userdom_read_user_tmp_files(xserver_t)
userdom_rw_user_tmpfs_files(xserver_t)
+userdom_map_user_tmpfs_files(xserver_t)
xserver_use_user_fonts(xserver_t)
