add upstream gpg_exec interface

author Dan Walsh <dwalsh@redhat.com>

Thu, 1 Dec 2011 21:27:15 +0000 (16:27 -0500)

committer Dan Walsh <dwalsh@redhat.com>

Thu, 1 Dec 2011 21:27:15 +0000 (16:27 -0500)
author Dan Walsh <dwalsh@redhat.com>
Thu, 1 Dec 2011 21:27:15 +0000 (16:27 -0500)
committer Dan Walsh <dwalsh@redhat.com>
Thu, 1 Dec 2011 21:27:15 +0000 (16:27 -0500)
diff --git a/policy/modules/apps/gpg.if b/policy/modules/apps/gpg.if

index 93d212c4e05e3083d067f529c5038c412e23f7d6..46cc164f5719a6cfab3b5d79a593ccc5e4065bc7 100644 (file)
--- a/policy/modules/apps/gpg.if
+++ b/policy/modules/apps/gpg.if
@@ -86,6 +86,25 @@ interface(`gpg_domtrans',`
         domtrans_pattern($1, gpg_exec_t, gpg_t)
  ')
  
+######################################
+## <summary>
+##     Execute gpg in the caller domain.
+## </summary>
+## <param name="domain">
+##     <summary>
+##     Domain allowed access.
+##     </summary>
+## </param>
+#
+interface(`gpg_exec',`
+       gen_require(`
+               type gpg_exec_t;
+       ')
+
+       corecmd_search_bin($1)
+       can_exec($1, gpg_exec_t)
+')
+
  ######################################
  ## <summary>
  ##  Transition to a gpg web domain.
author	Dan Walsh <dwalsh@redhat.com>
	Thu, 1 Dec 2011 21:27:15 +0000 (16:27 -0500)
committer	Dan Walsh <dwalsh@redhat.com>
	Thu, 1 Dec 2011 21:27:15 +0000 (16:27 -0500)