Add Sonic Login Manager SELinux rule to allow it to start SonicDE X11
This commit is contained in:
parent
e11051fbfb
commit
91c1f3ffff
3 changed files with 62 additions and 1 deletions
12
sonic-login-manager-selinux/plasmalogin-selinux.te
Normal file
12
sonic-login-manager-selinux/plasmalogin-selinux.te
Normal file
|
|
@ -0,0 +1,12 @@
|
|||
module plasmalogin-selinux 1.0;
|
||||
|
||||
require {
|
||||
type unconfined_t;
|
||||
type xdm_exec_t;
|
||||
class file { entrypoint execute };
|
||||
}
|
||||
|
||||
# Allow the plasmalogin process to execute the X11 user helper binary
|
||||
# which is labeled as xdm_exec_t. This is needed when the plasmalogin
|
||||
# daemon is not running in the xdm_t domain on SELinux enforcing systems.
|
||||
allow unconfined_t xdm_exec_t:file { entrypoint execute };
|
||||
Loading…
Add table
Add a link
Reference in a new issue