← Back to branch summary

~ubuntu-branches/ubuntu/natty/refpolicy-ubuntu/natty

« back to all changes in this revision

Viewing changes to policy/modules/services/policykit.te

  • Committer: Bazaar Package Importer
  • Author(s): Kees Cook
  • Date: 2010-04-22 17:10:43 UTC
  • mfrom: (1.1.2 upstream)
  • Revision ID: james.westby@ubuntu.com-20100422171043-khrw2m21gser7icb
Tags: 0.2.20091117-0ubuntu1
https://launchpad.net/bugs/568744
* New upstream release, converted to source format 3.
* Updated Ubuntu-specific patches thanks to Steve Lawrence (LP: #568744).
* Extracted Makefile change to debian/patches/bashisms.patch.

Show diffs side-by-side

added added

removed removed

Lines of Context:
policy/modules/services/policykit.te
1
1
 
2
 
policy_module(policykit, 1.0.0)
 
2
policy_module(policykit, 1.1.0)
3
3
 
4
4
########################################
5
5
#
36
36
# policykit local policy
37
37
#
38
38
 
39
 
allow policykit_t self:capability { setgid setuid };
40
 
allow policykit_t self:process getattr;
 
39
allow policykit_t self:capability { setgid setuid sys_ptrace };
 
40
allow policykit_t self:process { getattr getsched };
41
41
allow policykit_t self:fifo_file rw_file_perms;
42
42
allow policykit_t self:unix_dgram_socket create_socket_perms;
43
43
allow policykit_t self:unix_stream_socket create_stream_socket_perms;
70
70
 
71
71
userdom_read_all_users_state(policykit_t)
72
72
 
 
73
fs_list_inotifyfs(policykit_t)
 
74
 
 
75
optional_policy(`
 
76
        dbus_system_bus_client(policykit_t)
 
77
        dbus_session_bus_client(policykit_t)
 
78
        dbus_connect_system_bus(policykit_t)
 
79
 
 
80
        optional_policy(`
 
81
                consolekit_dbus_chat(policykit_t)
 
82
        ')
 
83
 
 
84
        optional_policy(`
 
85
                networkmanager_dbus_chat(policykit_t)
 
86
        ')
 
87
 
 
88
        optional_policy(`
 
89
                consolekit_dbus_chat(policykit_t)
 
90
        ')
 
91
 
 
92
        optional_policy(`
 
93
                unconfined_dbus_chat(policykit_t)
 
94
        ')
 
95
')
 
96
 
73
97
########################################
74
98
#
75
99
# polkit_auth local policy
92
116
manage_files_pattern(policykit_auth_t, policykit_var_run_t, policykit_var_run_t)
93
117
files_pid_filetrans(policykit_auth_t, policykit_var_run_t, { file dir })
94
118
 
 
119
kernel_read_system_state(policykit_auth_t)
 
120
 
95
121
files_read_etc_files(policykit_auth_t)
96
122
files_read_usr_files(policykit_auth_t)
97
123
 
104
130
userdom_dontaudit_read_user_home_content_files(policykit_auth_t)
105
131
 
106
132
optional_policy(`
 
133
        dbus_system_bus_client(policykit_auth_t)
107
134
        dbus_session_bus_client(policykit_auth_t)
108
135
 
109
136
        optional_policy(`