1 |
commit: 0cc26bea9b48fa43b815a9da5013c0d60a0ec770 |
2 |
Author: Chris PeBenito <pebenito <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Feb 8 13:40:37 2014 +0000 |
4 |
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Feb 9 10:51:07 2014 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=0cc26bea |
7 |
|
8 |
Rearrange gpg agent calls. |
9 |
|
10 |
--- |
11 |
policy/modules/services/ssh.if | 10 +++++----- |
12 |
policy/modules/services/ssh.te | 10 +++++----- |
13 |
2 files changed, 10 insertions(+), 10 deletions(-) |
14 |
|
15 |
diff --git a/policy/modules/services/ssh.if b/policy/modules/services/ssh.if |
16 |
index dbce034..cbd0cdd 100644 |
17 |
--- a/policy/modules/services/ssh.if |
18 |
+++ b/policy/modules/services/ssh.if |
19 |
@@ -423,16 +423,16 @@ template(`ssh_role_template',` |
20 |
') |
21 |
|
22 |
optional_policy(` |
23 |
- xserver_use_xdm_fds($1_ssh_agent_t) |
24 |
- xserver_rw_xdm_pipes($1_ssh_agent_t) |
25 |
- ') |
26 |
- |
27 |
- optional_policy(` |
28 |
tunable_policy(`ssh_use_gpg_agent',` |
29 |
# for ssh-add |
30 |
gpg_stream_connect_agent($3) |
31 |
') |
32 |
') |
33 |
+ |
34 |
+ optional_policy(` |
35 |
+ xserver_use_xdm_fds($1_ssh_agent_t) |
36 |
+ xserver_rw_xdm_pipes($1_ssh_agent_t) |
37 |
+ ') |
38 |
') |
39 |
|
40 |
######################################## |
41 |
|
42 |
diff --git a/policy/modules/services/ssh.te b/policy/modules/services/ssh.te |
43 |
index 48654c2..e7b6412 100644 |
44 |
--- a/policy/modules/services/ssh.te |
45 |
+++ b/policy/modules/services/ssh.te |
46 |
@@ -205,16 +205,16 @@ tunable_policy(`user_tcp_server',` |
47 |
') |
48 |
|
49 |
optional_policy(` |
50 |
- xserver_user_x_domain_template(ssh, ssh_t, ssh_tmpfs_t) |
51 |
- xserver_domtrans_xauth(ssh_t) |
52 |
-') |
53 |
- |
54 |
-optional_policy(` |
55 |
tunable_policy(`ssh_use_gpg_agent',` |
56 |
gpg_stream_connect_agent(ssh_t) |
57 |
') |
58 |
') |
59 |
|
60 |
+optional_policy(` |
61 |
+ xserver_user_x_domain_template(ssh, ssh_t, ssh_tmpfs_t) |
62 |
+ xserver_domtrans_xauth(ssh_t) |
63 |
+') |
64 |
+ |
65 |
############################## |
66 |
# |
67 |
# ssh_keysign_t local policy |