diff options
Diffstat (limited to 'sec-policy/selinux-xserver/files/fix-services-xserver-r2.patch')
-rw-r--r-- | sec-policy/selinux-xserver/files/fix-services-xserver-r2.patch | 52 |
1 files changed, 0 insertions, 52 deletions
diff --git a/sec-policy/selinux-xserver/files/fix-services-xserver-r2.patch b/sec-policy/selinux-xserver/files/fix-services-xserver-r2.patch deleted file mode 100644 index 3c73d86c19f8..000000000000 --- a/sec-policy/selinux-xserver/files/fix-services-xserver-r2.patch +++ /dev/null @@ -1,52 +0,0 @@ ---- services/xserver.te 2010-12-13 15:11:02.000000000 +0100 -+++ services/xserver.te 2011-02-01 18:16:07.421000056 +0100 -@@ -234,9 +234,13 @@ - - allow xdm_t iceauth_home_t:file read_file_perms; - -+files_search_tmp(iceauth_t) - fs_search_auto_mountpoints(iceauth_t) - - userdom_use_user_terminals(iceauth_t) -+userdom_read_user_tmp_files(iceauth_t) -+ -+getty_use_fds(iceauth_t) - - tunable_policy(`use_nfs_home_dirs',` - fs_manage_nfs_files(iceauth_t) -@@ -279,6 +283,7 @@ - - userdom_use_user_terminals(xauth_t) - userdom_read_user_tmp_files(xauth_t) -+userdom_read_user_tmp_files(xserver_t) - - xserver_rw_xdm_tmp_files(xauth_t) - -@@ -588,6 +593,9 @@ - allow xserver_t { root_xdrawable_t x_domain }:x_drawable send; - allow xserver_t input_xevent_t:x_event send; - -+# Allow X to process keyboard events -+udev_read_db(xserver_t) -+ - # setuid/setgid for the wrapper program to change UID - # sys_rawio is for iopl access - should not be needed for frame-buffer - # sys_admin, locking shared mem? chowning IPC message queues or semaphores? -@@ -610,6 +618,7 @@ - allow xserver_t self:unix_stream_socket { create_stream_socket_perms connectto }; - allow xserver_t self:tcp_socket create_stream_socket_perms; - allow xserver_t self:udp_socket create_socket_perms; -+allow xserver_t self:netlink_kobject_uevent_socket create_socket_perms; - - manage_dirs_pattern(xserver_t, xserver_tmp_t, xserver_tmp_t) - manage_files_pattern(xserver_t, xserver_tmp_t, xserver_tmp_t) ---- services/xserver.fc 2010-08-03 15:11:09.000000000 +0200 -+++ services/xserver.fc 2011-01-03 23:07:16.852000013 +0100 -@@ -5,6 +5,7 @@ - HOME_DIR/\.fonts(/.*)? gen_context(system_u:object_r:user_fonts_t,s0) - HOME_DIR/\.fonts/auto(/.*)? gen_context(system_u:object_r:user_fonts_cache_t,s0) - HOME_DIR/\.fonts\.cache-.* -- gen_context(system_u:object_r:user_fonts_cache_t,s0) -+HOME_DIR/\.fontconfig(/.*)? gen_context(system_u:object_r:user_fonts_cache_t,s0) - HOME_DIR/\.ICEauthority.* -- gen_context(system_u:object_r:iceauth_home_t,s0) - HOME_DIR/\.xauth.* -- gen_context(system_u:object_r:xauth_home_t,s0) - HOME_DIR/\.Xauthority.* -- gen_context(system_u:object_r:xauth_home_t,s0) |