domtrans_pattern(ssh_t, ssh_keysign_exec_t, ssh_keysign_t)
')
-tunable_policy(`use_fusefs_home_dirs',`
- fs_manage_fusefs_dirs(ssh_t)
- fs_manage_fusefs_files(ssh_t)
-')
-
# for port forwarding
tunable_policy(`user_tcp_server',`
corenet_tcp_bind_ssh_port(ssh_t)
')
tunable_policy(`ssh_chroot_rw_homedirs && use_fusefs_home_dirs',`
+ fs_manage_fusefs_dirs(chroot_user_t)
fs_manage_fusefs_files(chroot_user_t)
+ fs_manage_fusefs_symlinks(chroot_user_t)
')
tunable_policy(`use_samba_home_dirs',`
miscfiles_read_fonts(xauth_t)
')
-tunable_policy(`use_fusefs_home_dirs',`
- fs_manage_fusefs_files(xauth_t)
-')
-
userdom_home_manager(xauth_t)
ifdef(`hide_broken_symptoms',`
allow xdm_t self:process { execheap execmem };
')
-tunable_policy(`use_fusefs_home_dirs',`
- fs_manage_fusefs_dirs(xdm_t)
- fs_manage_fusefs_files(xdm_t)
-')
-
tunable_policy(`use_nfs_home_dirs',`
fs_exec_nfs_files(xdm_t)
')
projects / people / stevee / selinux-policy.git / commitdiff
