commit: b515caffd4a76d93c61b1b4a045bd1e922c8356c Author: Laurent Bigonville <bigon <AT> bigon <DOT> be> AuthorDate: Fri Apr 11 17:28:27 2014 +0000 Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> CommitDate: Thu Apr 17 19:03:39 2014 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=b515caff
Allow the xdm_t domain to enter all the gkeyringd ones During the opening of the session, the pam_gnome_keyring module is starting the daemon in the gkeyringd user domain, allow xdm_t to transition to it. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742966 --- policy/modules/services/xserver.te | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te index 6366abf..ac13180 100644 --- a/policy/modules/services/xserver.te +++ b/policy/modules/services/xserver.te @@ -528,6 +528,10 @@ optional_policy(` ') optional_policy(` + gnome_spec_domtrans_all_gkeyringd(xdm_t) +') + +optional_policy(` # Talk to the console mouse server. gpm_stream_connect(xdm_t) gpm_setattr_gpmctl(xdm_t)
