From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-751024-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 42CDA1389E2
	for <garchives@archives.gentoo.org>; Fri, 28 Nov 2014 10:04:18 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 5C099E08D1;
	Fri, 28 Nov 2014 10:04:10 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id D35C9E08A1
	for <gentoo-commits@lists.gentoo.org>; Fri, 28 Nov 2014 10:04:08 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id D633A3402CF
	for <gentoo-commits@lists.gentoo.org>; Fri, 28 Nov 2014 10:04:07 +0000 (UTC)
Received: from localhost.localdomain (localhost [127.0.0.1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 188A7B14F
	for <gentoo-commits@lists.gentoo.org>; Fri, 28 Nov 2014 10:04:04 +0000 (UTC)
From: "Sven Vermeulen" <swift@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Sven Vermeulen" <swift@gentoo.org>
Message-ID: <1417004891.3f6c14f9b89350b60e83e5f7764b7a095df7b005.swift@gentoo>
Subject: [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/system/
X-VCS-Repository: proj/hardened-refpolicy
X-VCS-Files: policy/modules/system/userdomain.if
X-VCS-Directories: policy/modules/system/
X-VCS-Committer: swift
X-VCS-Committer-Name: Sven Vermeulen
X-VCS-Revision: 3f6c14f9b89350b60e83e5f7764b7a095df7b005
X-VCS-Branch: next
Date: Fri, 28 Nov 2014 10:04:04 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Archives-Salt: 3b1a6282-4390-4742-9528-928bc9de8078
X-Archives-Hash: ab1b5c9bbf25034087eb991721b0ec28

commit:     3f6c14f9b89350b60e83e5f7764b7a095df7b005
Author:     Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Tue Nov 25 20:00:07 2014 +0000
Commit:     Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Wed Nov 26 12:28:11 2014 +0000
URL:        http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=3f6c14f9

Introduce userdom_manage_user_tmp_chr_files interface

---
 policy/modules/system/userdomain.if | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index 16a95cc..eba23be 100644
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -3630,3 +3630,23 @@ interface(`userdom_manage_all_user_home_content',`
 	manage_fifo_files_pattern($1, user_home_content_type, user_home_content_type)
 	manage_sock_files_pattern($1, user_home_content_type, user_home_content_type)
 ')
+
+########################################
+## <summary>
+##	Create, read, write, and delete user
+##	temporary character files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`userdom_manage_user_tmp_chr_files',`
+	gen_require(`
+		type user_tmp_t;
+	')
+
+	manage_chr_files_pattern($1, user_tmp_t, user_tmp_t)
+	files_search_tmp($1)
+')