diff options
author | 2017-04-26 06:26:50 -0400 | |
---|---|---|
committer | 2017-04-30 22:17:42 +0800 | |
commit | e4f6a4addb857720be0f5843d3a30c2dd239fd55 (patch) | |
tree | 95268440857ddf521df4ee08e2c0c09ba5e44c4a /policy/modules/system/locallogin.te | |
parent | locallogin: Move two sulogin lines. (diff) | |
download | hardened-refpolicy-e4f6a4addb857720be0f5843d3a30c2dd239fd55.tar.gz hardened-refpolicy-e4f6a4addb857720be0f5843d3a30c2dd239fd55.tar.bz2 hardened-refpolicy-e4f6a4addb857720be0f5843d3a30c2dd239fd55.zip |
Login take 4 from Russell Coker.
I have used optional sections for dbus and xserver as requested and also
fixed a minor issue of a rule not being in the correct section.
Please merge this.
Diffstat (limited to 'policy/modules/system/locallogin.te')
-rw-r--r-- | policy/modules/system/locallogin.te | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/policy/modules/system/locallogin.te b/policy/modules/system/locallogin.te index 4d3964863..d76c98746 100644 --- a/policy/modules/system/locallogin.te +++ b/policy/modules/system/locallogin.te @@ -33,6 +33,7 @@ role system_r types sulogin_t; # allow local_login_t self:capability { chown dac_override fowner fsetid kill setgid setuid sys_nice sys_resource sys_tty_config }; +dontaudit local_login_t self:capability net_admin; allow local_login_t self:process { setexec setrlimit setsched }; allow local_login_t self:fd use; allow local_login_t self:fifo_file rw_fifo_file_perms; |