From aaf842a4158daf03074f79921f67954b4b738736 Mon Sep 17 00:00:00 2001
From: Sam Hadow <sam.hadow@inbox.lv>
Date: Tue, 3 Feb 2026 00:12:12 +0100
Subject: [PATCH] new modules

---
 NetworkManager.te | 10 ++++++++++
 Xorg.te           | 10 ++++++++++
 sddm.te           | 16 ++++++++++++++++
 3 files changed, 36 insertions(+)
 create mode 100644 NetworkManager.te
 create mode 100644 Xorg.te
 create mode 100644 sddm.te

diff --git a/NetworkManager.te b/NetworkManager.te
new file mode 100644
index 0000000..02b8d95
--- /dev/null
+++ b/NetworkManager.te
@@ -0,0 +1,10 @@
+module NetworkManager 1.0;
+
+require {
+        type lib_t;
+        type NetworkManager_t;
+        class file execute_no_trans;
+}
+
+#============= NetworkManager_t ==============
+allow NetworkManager_t lib_t:file execute_no_trans;
diff --git a/Xorg.te b/Xorg.te
new file mode 100644
index 0000000..fcc8c7b
--- /dev/null
+++ b/Xorg.te
@@ -0,0 +1,10 @@
+module Xorg 1.0;
+
+require {
+        type xserver_t;
+        class process execmem;
+}
+
+#============= xserver_t ==============
+# Note: you can also use one of the following boolean: allow_execmem, allow_execstack
+allow xserver_t self:process execmem;
diff --git a/sddm.te b/sddm.te
new file mode 100644
index 0000000..ad8d821
--- /dev/null
+++ b/sddm.te
@@ -0,0 +1,16 @@
+module sddm 1.0;
+
+require {
+        type xdm_t;
+        type usr_t;
+        type unconfined_t;
+        class process execmem;
+        class file entrypoint;
+}
+
+#============= unconfined_t ==============
+allow unconfined_t usr_t:file entrypoint;
+
+#============= xdm_t ==============
+# Note: you can also use one of the following boolean: allow_execmem, allow_execstack, xserver_gnome_xdm
+allow xdm_t self:process execmem;