RPM: synchronize redhat directory with r14.1.x branch

Signed-off-by: François Andriot <albator78@libertysurf.fr>

1 files changed, 30 insertions, 0 deletions

diff --git a/redhat/core/tdebase/tdm.fc39.te b/redhat/core/tdebase/tdm.fc39.te
new file mode 100644
index 000000000..f3bcb40d4
--- /dev/null
+++ b/redhat/core/tdebase/tdm.fc39.te
@@ -0,0 +1,30 @@
+
+module tdm 1.0;
+
+require {
+	type etc_t;
+	type fprintd_t;
+	type init_t;
+	type tmp_t;
+	type unconfined_service_t;
+	type unconfined_t;
+	type var_lib_t;
+	type var_run_t;
+	type xdm_t;
+	class capability2 mac_admin;
+	class dbus send_msg;
+	class fifo_file { getattr open read setattr unlink };
+	class file { create entrypoint getattr lock map open read rename unlink write };
+	class lnk_file unlink;
+	class process transition;
+}
+
+allow fprintd_t init_t:dbus send_msg;
+allow unconfined_service_t unconfined_t:process transition;
+allow unconfined_t self:capability2 mac_admin;
+allow xdm_t etc_t:file { create rename unlink write };
+allow xdm_t tmp_t:fifo_file { getattr open read setattr unlink };
+allow xdm_t tmp_t:file { map open unlink };
+allow xdm_t tmp_t:lnk_file unlink;
+allow xdm_t var_lib_t:file { unlink };
+allow xdm_t var_run_t:file { getattr lock open read write };