source.dussan.org Git - tigervnc.git/commit

author	Lukas Vrabec <lvrabec@redhat.com>
	Mon, 25 May 2020 09:29:44 +0000 (11:29 +0200)
committer	Lukas Vrabec <lvrabec@redhat.com>
	Fri, 31 Jul 2020 13:12:44 +0000 (15:12 +0200)
commit	f4c3c816e4f9606eb0485e24edf4a386f125f949
tree	fe48bab2698a56e2a2952109796aa75fe790f1f3	tree \| snapshot
parent	0102acc61e40cb5dd6f0dfa4466bf628e7924da6	commit \| diff

[SELinux] Allow vnc session create ~/.vnc

Allow vnc session labeled with SELinux vnc_session_t domain to create
directory in user homedir ~/.vnc labeled with SELinux label xdm_home_t.

Because also process vncpasswd creates ~/.vnc directory, file transition that
userdomain attribute SELinux domain (label for the process) can create the
directory with the same label needs to be added.

userdomain attribute contains following SELinux types:
    auditadm_t
    dbadm_t
    guest_t
    logadm_t
    secadm_t
    staff_t
    staff_wine_t
    sysadm_t
    unconfined_t
    user_t
    user_wine_t
    webadm_t
    xguest_t

Signed-off-by: Lukas Vrabec <lvrabec@redhat.com>

unix/vncserver/selinux/vncsession.fc		diff \| blob \| history
unix/vncserver/selinux/vncsession.te		diff \| blob \| history