1 |
commit: 7bb79960bdc89e57c7f681c63692c5341c1911e3 |
2 |
Author: Guido Trentalancia <guido <AT> trentalancia <DOT> net> |
3 |
AuthorDate: Sat Apr 29 18:17:13 2017 +0000 |
4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun May 7 15:54:42 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=7bb79960 |
7 |
|
8 |
evolution: minor fixes and updates |
9 |
|
10 |
Minor fixes and updates for the evolution module. |
11 |
|
12 |
Signed-off-by: Guido Trentalancia <guido <AT> trentalancia.net> |
13 |
|
14 |
policy/modules/contrib/evolution.te | 3 ++- |
15 |
1 file changed, 2 insertions(+), 1 deletion(-) |
16 |
|
17 |
diff --git a/policy/modules/contrib/evolution.te b/policy/modules/contrib/evolution.te |
18 |
index bf456df4..c30623de 100644 |
19 |
--- a/policy/modules/contrib/evolution.te |
20 |
+++ b/policy/modules/contrib/evolution.te |
21 |
@@ -111,7 +111,7 @@ userdom_user_tmpfs_file(evolution_webcal_tmpfs_t) |
22 |
# |
23 |
|
24 |
allow evolution_t self:capability { setgid setuid sys_nice }; |
25 |
-allow evolution_t self:process { execmem getsched setsched signal }; |
26 |
+allow evolution_t self:process { execmem getsched setsched signal signull }; |
27 |
allow evolution_t self:fifo_file rw_file_perms; |
28 |
|
29 |
allow evolution_t evolution_home_t:dir manage_dir_perms; |
30 |
@@ -320,6 +320,7 @@ dev_read_urand(evolution_alarm_t) |
31 |
|
32 |
files_read_usr_files(evolution_alarm_t) |
33 |
|
34 |
+fs_dontaudit_getattr_xattr_fs(evolution_alarm_t) |
35 |
fs_search_auto_mountpoints(evolution_alarm_t) |
36 |
|
37 |
auth_use_nsswitch(evolution_alarm_t) |