Chris PeBenito b2b38c
Chris PeBenito b2b38c
policy_module(gpg, 1.0)
Chris PeBenito b2b38c
Chris PeBenito b2b38c
########################################
Chris PeBenito b2b38c
#
Chris PeBenito b2b38c
# Declarations
Chris PeBenito b2b38c
#
Chris PeBenito b2b38c
Chris PeBenito b2b38c
# Allow gpg exec stack
Chris PeBenito b2b38c
bool allow_gpg_execstack false;
Chris PeBenito b2b38c
Chris PeBenito b2b38c
# Type for gpg or pgp executables.
Chris PeBenito b2b38c
type gpg_exec_t;
Chris PeBenito b2b38c
type gpg_helper_exec_t;
Chris PeBenito b2b38c
files_make_file(gpg_exec_t)
Chris PeBenito b2b38c
files_make_file(gpg_helper_exec_t)
Chris PeBenito b2b38c
Chris PeBenito b2b38c
# Type for the gpg-agent executable.
Chris PeBenito b2b38c
type gpg_agent_exec_t;
Chris PeBenito b2b38c
files_make_file(gpg_agent_exec_t)
Chris PeBenito b2b38c
Chris PeBenito b2b38c
# type for the pinentry executable
Chris PeBenito b2b38c
type pinentry_exec_t;
Chris PeBenito b2b38c
files_make_file(pinentry_exec_t)
Chris PeBenito b2b38c
Chris PeBenito b2b38c
#allow sysadm_gpg_t { home_root_t user_home_dir_t }:dir search;
Chris PeBenito b2b38c
#allow sysadm_gpg_t ptyfile:chr_file rw_file_perms;