From: Dan Walsh <dwalsh@redhat.com>
Date: Thu, 1 Dec 2011 21:27:15 +0000 (-0500)
Subject: add upstream gpg_exec interface
X-Git-Tag: 000~56
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=42277d016ca5669e1d16e8a036f702bbb6df5419;p=people%2Fstevee%2Fselinux-policy.git

add upstream gpg_exec interface
---

diff --git a/policy/modules/apps/gpg.if b/policy/modules/apps/gpg.if
index 93d212c4..46cc164f 100644
--- a/policy/modules/apps/gpg.if
+++ b/policy/modules/apps/gpg.if
@@ -86,6 +86,25 @@ interface(`gpg_domtrans',`
 	domtrans_pattern($1, gpg_exec_t, gpg_t)
 ')
 
+######################################
+## <summary>
+##	Execute gpg in the caller domain.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`gpg_exec',`
+	gen_require(`
+		type gpg_exec_t;
+	')
+
+	corecmd_search_bin($1)
+	can_exec($1, gpg_exec_t)
+')
+
 ######################################
 ## <summary>
 ##  Transition to a gpg web domain.