diff options
| author |   Jason Zaman <perfinion@gentoo.org> | 2022-09-03 12:42:40 -0700 |
|---|---|---|
| committer | Jason Zaman <perfinion@gentoo.org> | 2022-09-03 12:42:40 -0700 |
| commit | a9fe3da3996138ab9d9a7b634bdf072d84c95187 (patch) | |
| tree | 627d232741f0b5667847a9c753450624f2289ccd | |
| parent | Update generated policy and doc files (diff) | |
| download | hardened-refpolicy-a9fe3da3996138ab9d9a7b634bdf072d84c95187.tar.gz hardened-refpolicy-a9fe3da3996138ab9d9a7b634bdf072d84c95187.tar.bz2 hardened-refpolicy-a9fe3da3996138ab9d9a7b634bdf072d84c95187.zip | |
xserver: Revert the rest of the sddm changes
Tried a partial revert in order to match upstream but validation still
fails so fully revert again.
Signed-off-by: Jason Zaman <perfinion@gentoo.org>
| -rw-r--r-- | config/appconfig-mcs/xdm_default_contexts | 1 | ||||
| -rw-r--r-- | config/appconfig-mls/xdm_default_contexts | 1 | ||||
| -rw-r--r-- | config/appconfig-standard/xdm_default_contexts | 1 | ||||
| -rw-r--r-- | policy/modules/services/xserver.te | 11 |
4 files changed, 0 insertions, 14 deletions
diff --git a/config/appconfig-mcs/xdm_default_contexts b/config/appconfig-mcs/xdm_default_contexts deleted file mode 100644 index 08c88c0f..00000000 --- a/config/appconfig-mcs/xdm_default_contexts +++ /dev/null @@ -1 +0,0 @@ -system_r:xdm_t:s0 system_r:xdm_t:s0 diff --git a/config/appconfig-mls/xdm_default_contexts b/config/appconfig-mls/xdm_default_contexts deleted file mode 100644 index 08c88c0f..00000000 --- a/config/appconfig-mls/xdm_default_contexts +++ /dev/null @@ -1 +0,0 @@ -system_r:xdm_t:s0 system_r:xdm_t:s0 diff --git a/config/appconfig-standard/xdm_default_contexts b/config/appconfig-standard/xdm_default_contexts deleted file mode 100644 index af1cb2e7..00000000 --- a/config/appconfig-standard/xdm_default_contexts +++ /dev/null @@ -1 +0,0 @@ -system_r:xdm_t system_r:xdm_t diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te index 24cea45b..347e96c2 100644 --- a/policy/modules/services/xserver.te +++ b/policy/modules/services/xserver.te @@ -62,10 +62,6 @@ gen_tunable(xserver_object_manager, false) ## </desc> gen_tunable(xserver_allow_dri, false) -# for sddm to use pam for greeter -role xdm_r; -allow system_r xdm_r; - attribute x_domain; # X Events @@ -149,7 +145,6 @@ fs_associate_tmpfs(xconsole_device_t) files_associate_tmp(xconsole_device_t) type xdm_t; -role xdm_r types xdm_t; type xdm_exec_t; auth_login_pgm_domain(xdm_t) init_domain(xdm_t, xdm_exec_t) @@ -848,9 +843,6 @@ manage_files_pattern(xserver_t, xdm_tmp_t, xdm_tmp_t) manage_lnk_files_pattern(xserver_t, xdm_tmp_t, xdm_tmp_t) manage_sock_files_pattern(xserver_t, xdm_tmp_t, xdm_tmp_t) -# for sddm to use pam for greeter, sddm greeter needs execmod -allow xdm_t xdm_tmpfs_t:file execmod; - # Run Xorg.wrap can_exec(xserver_t, xserver_exec_t) @@ -1054,6 +1046,3 @@ ifdef(`distro_gentoo',` cgmanager_stream_connect(xdm_t) ') ') - -# for sddm to use pam for greeter -gen_user(xdm,, xdm_r, s0, s0) |