rpms/frr
7
0
Fork 0
Code Issues Pull Requests Releases Activity

SELinux: rename ifconfig_run interfaces to be more specific

Browse Source 
The change has no functional impact on the policy. It is just to keep it
in sync with the interfaces shipped in selinux-policy-* packages.

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
This commit is contained in:
Vit Mojzis 2024-01-04 17:15:39 +01:00 committed by mruprich
parent 2228c29472
commit 9c91b908e1
2 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
frr.if
View File

@ -181,8 +181,8 @@ interface(`frr_admin',`
## </summary>
## </param>
#
ifndef(`sysnet_watch_ifconfig_run',`
interface(`sysnet_watch_ifconfig_run',`
ifndef(`sysnet_watch_ifconfig_run_dirs',`
interface(`sysnet_watch_ifconfig_run_dirs',`
gen_require(`
type ifconfig_var_run_t;
')
@ -201,8 +201,8 @@ ifndef(`sysnet_watch_ifconfig_run',`
## </summary>
## </param>
#
ifndef(`sysnet_read_ifconfig_run',`
interface(`sysnet_read_ifconfig_run',`
ifndef(`sysnet_read_ifconfig_run_files',`
interface(`sysnet_read_ifconfig_run_files',`
gen_require(`
type ifconfig_var_run_t;
')
@ -212,4 +212,3 @@ ifndef(`sysnet_read_ifconfig_run',`
read_lnk_files_pattern($1, ifconfig_var_run_t, ifconfig_var_run_t)
')
')

4
frr.te
View File

@ -98,8 +98,8 @@ domain_use_interactive_fds(frr_t)
fs_read_nsfs_files(frr_t)
sysnet_exec_ifconfig(frr_t)
sysnet_read_ifconfig_run(frr_t)
sysnet_watch_ifconfig_run(frr_t)
sysnet_read_ifconfig_run_files(frr_t)
sysnet_watch_ifconfig_run_dirs(frr_t)
ipsec_domtrans_mgmt(frr_t)