Index: refpolicy/policy/modules/contrib/boinc.te
===================================================================
--- refpolicy.orig/policy/modules/contrib/boinc.te
+++ refpolicy/policy/modules/contrib/boinc.te
@@ -1,4 +1,4 @@
-policy_module(boinc, 1.4.0)
+policy_module(boinc, 1.4.1)
########################################
#
@@ -85,6 +85,7 @@ domtrans_pattern(boinc_t, boinc_project_
kernel_read_system_state(boinc_t)
kernel_search_vm_sysctl(boinc_t)
+kernel_read_crypto_sysctls(boinc_t)
corenet_all_recvfrom_unlabeled(boinc_t)
corenet_all_recvfrom_netlabel(boinc_t)
@@ -155,6 +156,13 @@ optional_policy(`
sysnet_dns_name_resolve(boinc_t)
')
+optional_policy(`
+ corenet_tcp_connect_xserver_port(boinc_t)
+
+ xserver_list_xdm_tmp(boinc_t)
+ xserver_non_drawing_client(boinc_t)
+')
+
########################################
#
# Project local policy
Index: refpolicy/policy/modules/services/xserver.if
===================================================================
--- refpolicy.orig/policy/modules/services/xserver.if
+++ refpolicy/policy/modules/services/xserver.if
@@ -1156,7 +1156,7 @@ interface(`xserver_dontaudit_getattr_xdm
########################################
##
-## Search xdm_tmp_t directories
+## list xdm_tmp_t directories
##
##
##
@@ -1164,12 +1164,12 @@ interface(`xserver_dontaudit_getattr_xdm
##
##
#
-interface(`xserver_search_xdm_tmp',`
+interface(`xserver_list_xdm_tmp',`
gen_require(`
type xdm_tmp_t;
')
- allow $1 xdm_tmp_t:dir search;
+ allow $1 xdm_tmp_t:dir list_dir_perms;
')
########################################