diff --git a/policy/modules/apps/games.te b/policy/modules/apps/games.te index 8dcd37b9d3..780c6fdcc4 100644 --- a/policy/modules/apps/games.te +++ b/policy/modules/apps/games.te @@ -92,7 +92,9 @@ optional_policy(` allow games_t self:fifo_file rw_fifo_file_perms; allow games_t self:sem create_sem_perms; allow games_t self:tcp_socket { accept listen }; +allow games_t self:process getsched; +manage_dirs_pattern(games_t, games_data_t, games_data_t) manage_files_pattern(games_t, games_data_t, games_data_t) manage_lnk_files_pattern(games_t, games_data_t, games_data_t) @@ -101,6 +103,8 @@ term_create_pty(games_t, games_devpts_t) manage_dirs_pattern(games_t, games_tmp_t, games_tmp_t) manage_files_pattern(games_t, games_tmp_t, games_tmp_t) +allow games_t games_tmp_t:file map; + files_tmp_filetrans(games_t, games_tmp_t, { file dir }) manage_files_pattern(games_t, games_tmpfs_t, games_tmpfs_t) @@ -128,6 +132,8 @@ corenet_tcp_bind_generic_port(games_t) corenet_sendrecv_generic_client_packets(games_t) corenet_tcp_connect_generic_port(games_t) +corenet_udp_bind_generic_node(games_t) + dev_read_sound(games_t) dev_read_input(games_t) dev_read_mouse(games_t) @@ -136,13 +142,16 @@ dev_rw_dri(games_t) dev_write_sound(games_t) files_list_var(games_t) +files_search_mnt(games_t) files_search_var_lib(games_t) files_dontaudit_search_var(games_t) +files_map_usr_files(games_t) files_read_etc_files(games_t) files_read_usr_files(games_t) files_read_var_files(games_t) fs_dontaudit_getattr_xattr_fs(games_t) +fs_search_nfs(games_t) init_dontaudit_rw_utmp(games_t) @@ -158,6 +167,7 @@ userdom_manage_user_tmp_dirs(games_t) userdom_manage_user_tmp_files(games_t) userdom_manage_user_tmp_symlinks(games_t) userdom_manage_user_tmp_sockets(games_t) +userdom_use_user_ptys(games_t) userdom_dontaudit_read_user_home_content_files(games_t) tunable_policy(`allow_execmem',` @@ -166,6 +176,7 @@ tunable_policy(`allow_execmem',` optional_policy(` alsa_read_config(games_t) + alsa_read_home_files(games_t) ') optional_policy(`