trunk: rpc update from Vaclav Ovsik.
This commit is contained in:
Chris PeBenito
parent
737fcf232c
commit
01e8ff4ab3
@ -1,3 +1,4 @@
|
|||||||
|
- RPC update from Vaclav Ovsik.
|
||||||
- Exim updates on Debian from Devin Carrawy.
|
- Exim updates on Debian from Devin Carrawy.
|
||||||
- Pam and samba updates from Stefan Schulze Frielinghaus.
|
- Pam and samba updates from Stefan Schulze Frielinghaus.
|
||||||
- Backup update on Debian from Vaclav Ovsik.
|
- Backup update on Debian from Vaclav Ovsik.
|
||||||
|
|||||||
@ -7,6 +7,7 @@
|
|||||||
# /sbin
|
# /sbin
|
||||||
#
|
#
|
||||||
/sbin/rpc\..* -- gen_context(system_u:object_r:rpcd_exec_t,s0)
|
/sbin/rpc\..* -- gen_context(system_u:object_r:rpcd_exec_t,s0)
|
||||||
|
/sbin/sm-notify -- gen_context(system_u:object_r:rpcd_exec_t,s0)
|
||||||
|
|
||||||
#
|
#
|
||||||
# /usr
|
# /usr
|
||||||
|
|||||||
@ -1,5 +1,5 @@
|
|||||||
|
|
||||||
policy_module(rpc,1.7.0)
|
policy_module(rpc,1.7.1)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
@ -60,10 +60,15 @@ allow rpcd_t rpcd_var_run_t:dir setattr;
|
|||||||
manage_files_pattern(rpcd_t,rpcd_var_run_t,rpcd_var_run_t)
|
manage_files_pattern(rpcd_t,rpcd_var_run_t,rpcd_var_run_t)
|
||||||
files_pid_filetrans(rpcd_t,rpcd_var_run_t,file)
|
files_pid_filetrans(rpcd_t,rpcd_var_run_t,file)
|
||||||
|
|
||||||
|
# rpc.statd executes sm-notify
|
||||||
|
can_exec(rpcd_t, rpcd_exec_t)
|
||||||
|
corecmd_search_bin(rpcd_t)
|
||||||
|
|
||||||
kernel_read_system_state(rpcd_t)
|
kernel_read_system_state(rpcd_t)
|
||||||
kernel_search_network_state(rpcd_t)
|
kernel_search_network_state(rpcd_t)
|
||||||
# for rpc.rquotad
|
# for rpc.rquotad
|
||||||
kernel_read_sysctl(rpcd_t)
|
kernel_read_sysctl(rpcd_t)
|
||||||
|
kernel_rw_fs_sysctls(rpcd_t)
|
||||||
|
|
||||||
fs_list_rpc(rpcd_t)
|
fs_list_rpc(rpcd_t)
|
||||||
fs_read_rpc_files(rpcd_t)
|
fs_read_rpc_files(rpcd_t)
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user