aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGuido Trentalancia <guido@trentalancia.net>2016-09-08 18:38:37 +0200
committerJason Zaman <jason@perfinion.com>2016-10-03 14:04:21 +0800
commit2022bceff1d223d72e93d2a62d952f6de4d88e2d (patch)
tree680d81ac80f42c405f8182ab9629c1a035c03aab /policy/modules/system/userdomain.te
parentModule version bumps for LVM and useromain patches from Guido Trentalancia. (diff)
downloadhardened-refpolicy-2022bceff1d223d72e93d2a62d952f6de4d88e2d.tar.gz
hardened-refpolicy-2022bceff1d223d72e93d2a62d952f6de4d88e2d.tar.bz2
hardened-refpolicy-2022bceff1d223d72e93d2a62d952f6de4d88e2d.zip
userdomain: introduce the user certificate file context (was miscfiles: introduce the user certificate file context)
Introduce a new file context for user certificates (user_cert_t) located in home directories. Introduce new auxiliary interfaces to read and manage such files files and directories. Thanks to Christopher PeBenito for the useful suggestions that led to this improved version of the patch. Compared to the previous version, this patch adds the ability to search the user home directories in the new interfaces. Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
Diffstat (limited to 'policy/modules/system/userdomain.te')
-rw-r--r--policy/modules/system/userdomain.te3
1 files changed, 3 insertions, 0 deletions
diff --git a/policy/modules/system/userdomain.te b/policy/modules/system/userdomain.te
index deb6a8d2..b44dd5da 100644
--- a/policy/modules/system/userdomain.te
+++ b/policy/modules/system/userdomain.te
@@ -93,6 +93,9 @@ files_associate_tmp(user_home_t)
files_poly_parent(user_home_t)
files_mountpoint(user_home_t)
+type user_cert_t;
+userdom_user_home_content(user_cert_t)
+
type user_devpts_t alias { staff_devpts_t sysadm_devpts_t secadm_devpts_t auditadm_devpts_t unconfined_devpts_t };
dev_node(user_devpts_t)
files_type(user_devpts_t)