- Allow rpm to chat with networkmanager
This commit is contained in:
Daniel J Walsh
parent
78f2a3e7ba
commit
05758ff1dd
@ -1804,7 +1804,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vpn.fc
|
|||||||
+/var/run/vpnc(/.*)? gen_context(system_u:object_r:vpnc_var_run_t,s0)
|
+/var/run/vpnc(/.*)? gen_context(system_u:object_r:vpnc_var_run_t,s0)
|
||||||
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vpn.if serefpolicy-3.0.8/policy/modules/admin/vpn.if
|
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vpn.if serefpolicy-3.0.8/policy/modules/admin/vpn.if
|
||||||
--- nsaserefpolicy/policy/modules/admin/vpn.if 2007-05-29 14:10:59.000000000 -0400
|
--- nsaserefpolicy/policy/modules/admin/vpn.if 2007-05-29 14:10:59.000000000 -0400
|
||||||
+++ serefpolicy-3.0.8/policy/modules/admin/vpn.if 2007-10-05 10:12:04.000000000 -0400
|
+++ serefpolicy-3.0.8/policy/modules/admin/vpn.if 2007-10-17 16:21:00.000000000 -0400
|
||||||
@@ -67,3 +67,25 @@
|
@@ -67,3 +67,25 @@
|
||||||
|
|
||||||
allow $1 vpnc_t:process signal;
|
allow $1 vpnc_t:process signal;
|
||||||
@ -2812,6 +2812,14 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mozilla.
|
|||||||
type mozilla_conf_t;
|
type mozilla_conf_t;
|
||||||
files_config_file(mozilla_conf_t)
|
files_config_file(mozilla_conf_t)
|
||||||
|
|
||||||
|
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/slocate.if serefpolicy-3.0.8/policy/modules/apps/slocate.if
|
||||||
|
--- nsaserefpolicy/policy/modules/apps/slocate.if 2007-05-29 14:10:48.000000000 -0400
|
||||||
|
+++ serefpolicy-3.0.8/policy/modules/apps/slocate.if 2007-10-17 16:23:50.000000000 -0400
|
||||||
|
@@ -39,3 +39,4 @@
|
||||||
|
allow $1 locate_var_lib_t:dir list_dir_perms;
|
||||||
|
files_search_var_lib($1)
|
||||||
|
')
|
||||||
|
+
|
||||||
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/userhelper.if serefpolicy-3.0.8/policy/modules/apps/userhelper.if
|
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/userhelper.if serefpolicy-3.0.8/policy/modules/apps/userhelper.if
|
||||||
--- nsaserefpolicy/policy/modules/apps/userhelper.if 2007-07-25 10:37:37.000000000 -0400
|
--- nsaserefpolicy/policy/modules/apps/userhelper.if 2007-07-25 10:37:37.000000000 -0400
|
||||||
+++ serefpolicy-3.0.8/policy/modules/apps/userhelper.if 2007-10-03 11:10:24.000000000 -0400
|
+++ serefpolicy-3.0.8/policy/modules/apps/userhelper.if 2007-10-03 11:10:24.000000000 -0400
|
||||||
@ -3027,7 +3035,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/coreco
|
|||||||
+/lib64/dbus-1/dbus-daemon-launch-helper -- gen_context(system_u:object_r:bin_t,s0)
|
+/lib64/dbus-1/dbus-daemon-launch-helper -- gen_context(system_u:object_r:bin_t,s0)
|
||||||
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.if.in serefpolicy-3.0.8/policy/modules/kernel/corenetwork.if.in
|
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.if.in serefpolicy-3.0.8/policy/modules/kernel/corenetwork.if.in
|
||||||
--- nsaserefpolicy/policy/modules/kernel/corenetwork.if.in 2007-07-03 07:05:38.000000000 -0400
|
--- nsaserefpolicy/policy/modules/kernel/corenetwork.if.in 2007-07-03 07:05:38.000000000 -0400
|
||||||
+++ serefpolicy-3.0.8/policy/modules/kernel/corenetwork.if.in 2007-10-17 15:56:12.000000000 -0400
|
+++ serefpolicy-3.0.8/policy/modules/kernel/corenetwork.if.in 2007-10-17 16:11:40.000000000 -0400
|
||||||
@@ -1449,6 +1449,43 @@
|
@@ -1449,6 +1449,43 @@
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
@ -3074,7 +3082,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corene
|
|||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.te.in serefpolicy-3.0.8/policy/modules/kernel/corenetwork.te.in
|
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.te.in serefpolicy-3.0.8/policy/modules/kernel/corenetwork.te.in
|
||||||
--- nsaserefpolicy/policy/modules/kernel/corenetwork.te.in 2007-07-03 07:05:38.000000000 -0400
|
--- nsaserefpolicy/policy/modules/kernel/corenetwork.te.in 2007-07-03 07:05:38.000000000 -0400
|
||||||
+++ serefpolicy-3.0.8/policy/modules/kernel/corenetwork.te.in 2007-10-03 11:10:24.000000000 -0400
|
+++ serefpolicy-3.0.8/policy/modules/kernel/corenetwork.te.in 2007-10-17 16:38:35.000000000 -0400
|
||||||
@@ -55,6 +55,11 @@
|
@@ -55,6 +55,11 @@
|
||||||
type reserved_port_t, port_type, reserved_port_type;
|
type reserved_port_t, port_type, reserved_port_type;
|
||||||
|
|
||||||
@ -3087,20 +3095,21 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corene
|
|||||||
# server_packet_t is the default type of IPv4 and IPv6 server packets.
|
# server_packet_t is the default type of IPv4 and IPv6 server packets.
|
||||||
#
|
#
|
||||||
type server_packet_t, packet_type, server_packet_type;
|
type server_packet_t, packet_type, server_packet_type;
|
||||||
@@ -93,10 +98,10 @@
|
@@ -93,10 +98,11 @@
|
||||||
network_port(http_cache, tcp,3128,s0, udp,3130,s0, tcp,8080,s0, tcp,8118,s0) # 8118 is for privoxy
|
network_port(http_cache, tcp,3128,s0, udp,3130,s0, tcp,8080,s0, tcp,8118,s0) # 8118 is for privoxy
|
||||||
network_port(http, tcp,80,s0, tcp,443,s0, tcp,488,s0, tcp,8008,s0, tcp,8009,s0, tcp,8443,s0) #8443 is mod_nss default port
|
network_port(http, tcp,80,s0, tcp,443,s0, tcp,488,s0, tcp,8008,s0, tcp,8009,s0, tcp,8443,s0) #8443 is mod_nss default port
|
||||||
network_port(howl, tcp,5335,s0, udp,5353,s0)
|
network_port(howl, tcp,5335,s0, udp,5353,s0)
|
||||||
-network_port(hplip, tcp,1782,s0, tcp,2207,s0, tcp,2208,s0, tcp,50000,s0, tcp,50002,s0, tcp,8292,s0, tcp,9100,s0, tcp,9101,s0, tcp,9102,s0, tcp,9220,s0, tcp,9221,s0, tcp,9222,s0, tcp,9280,s0, tcp,9281,s0, tcp,9282,s0, tcp,9290,s0, tcp,9291,s0, tcp,9292,s0)
|
-network_port(hplip, tcp,1782,s0, tcp,2207,s0, tcp,2208,s0, tcp,50000,s0, tcp,50002,s0, tcp,8292,s0, tcp,9100,s0, tcp,9101,s0, tcp,9102,s0, tcp,9220,s0, tcp,9221,s0, tcp,9222,s0, tcp,9280,s0, tcp,9281,s0, tcp,9282,s0, tcp,9290,s0, tcp,9291,s0, tcp,9292,s0)
|
||||||
+network_port(hplip, tcp,1782,s0, tcp,2207,s0, tcp,2208,s0, tcp, 8290,s0, tcp,50000,s0, tcp,50002,s0, tcp,8292,s0, tcp,9100,s0, tcp,9101,s0, tcp,9102,s0, tcp,9220,s0, tcp,9221,s0, tcp,9222,s0, tcp,9280,s0, tcp,9281,s0, tcp,9282,s0, tcp,9290,s0, tcp,9291,s0, tcp,9292,s0)
|
+network_port(hplip, tcp,1782,s0, tcp,2207,s0, tcp,2208,s0, tcp, 8290,s0, tcp,50000,s0, tcp,50002,s0, tcp,8292,s0, tcp,9100,s0, tcp,9101,s0, tcp,9102,s0, tcp,9220,s0, tcp,9221,s0, tcp,9222,s0, tcp,9280,s0, tcp,9281,s0, tcp,9282,s0, tcp,9290,s0, tcp,9291,s0, tcp,9292,s0)
|
||||||
network_port(i18n_input, tcp,9010,s0)
|
network_port(i18n_input, tcp,9010,s0)
|
||||||
|
+network_port(ipsecnat, tcp,4500,s0, udp,4500,s0)
|
||||||
network_port(imaze, tcp,5323,s0, udp,5323,s0)
|
network_port(imaze, tcp,5323,s0, udp,5323,s0)
|
||||||
-network_port(inetd_child, tcp,7,s0, udp,7,s0, tcp,9,s0, udp,9,s0, tcp,13,s0, udp,13,s0, tcp,19,s0, udp,19,s0, tcp,37,s0, udp,37,s0, tcp,512,s0, tcp,543,s0, tcp,544,s0, tcp,891,s0, udp,891,s0, tcp,892,s0, udp,892,s0, tcp,2105,s0, tcp,5666,s0)
|
-network_port(inetd_child, tcp,7,s0, udp,7,s0, tcp,9,s0, udp,9,s0, tcp,13,s0, udp,13,s0, tcp,19,s0, udp,19,s0, tcp,37,s0, udp,37,s0, tcp,512,s0, tcp,543,s0, tcp,544,s0, tcp,891,s0, udp,891,s0, tcp,892,s0, udp,892,s0, tcp,2105,s0, tcp,5666,s0)
|
||||||
+network_port(inetd_child, tcp,1,s0, udp,1,s0, tcp,7,s0, udp,7,s0, tcp,9,s0, udp,9,s0, tcp,13,s0, udp,13,s0, tcp,19,s0, udp,19,s0, tcp,37,s0, udp,37,s0, tcp,512,s0, tcp,543,s0, tcp,544,s0, tcp,891,s0, udp,891,s0, tcp,892,s0, udp,892,s0, tcp,2105,s0, tcp,5666,s0)
|
+network_port(inetd_child, tcp,1,s0, udp,1,s0, tcp,7,s0, udp,7,s0, tcp,9,s0, udp,9,s0, tcp,13,s0, udp,13,s0, tcp,19,s0, udp,19,s0, tcp,37,s0, udp,37,s0, tcp,512,s0, tcp,543,s0, tcp,544,s0, tcp,891,s0, udp,891,s0, tcp,892,s0, udp,892,s0, tcp,2105,s0, tcp,5666,s0)
|
||||||
network_port(innd, tcp,119,s0)
|
network_port(innd, tcp,119,s0)
|
||||||
network_port(ipp, tcp,631,s0, udp,631,s0)
|
network_port(ipp, tcp,631,s0, udp,631,s0)
|
||||||
network_port(ircd, tcp,6667,s0)
|
network_port(ircd, tcp,6667,s0)
|
||||||
@@ -108,12 +113,13 @@
|
@@ -108,12 +114,13 @@
|
||||||
network_port(kerberos_master, tcp,4444,s0, udp,4444,s0)
|
network_port(kerberos_master, tcp,4444,s0, udp,4444,s0)
|
||||||
network_port(kerberos, tcp,88,s0, udp,88,s0, tcp,750,s0, udp,750,s0)
|
network_port(kerberos, tcp,88,s0, udp,88,s0, tcp,750,s0, udp,750,s0)
|
||||||
network_port(ktalkd, udp,517,s0, udp,518,s0)
|
network_port(ktalkd, udp,517,s0, udp,518,s0)
|
||||||
@ -3116,7 +3125,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corene
|
|||||||
network_port(nessus, tcp,1241,s0)
|
network_port(nessus, tcp,1241,s0)
|
||||||
network_port(netsupport, tcp,5405,s0, udp,5405,s0)
|
network_port(netsupport, tcp,5405,s0, udp,5405,s0)
|
||||||
network_port(nmbd, udp,137,s0, udp,138,s0)
|
network_port(nmbd, udp,137,s0, udp,138,s0)
|
||||||
@@ -146,7 +152,7 @@
|
@@ -146,7 +153,7 @@
|
||||||
network_port(snmp, udp,161,s0, udp,162,s0, tcp,199,s0)
|
network_port(snmp, udp,161,s0, udp,162,s0, tcp,199,s0)
|
||||||
network_port(spamd, tcp,783,s0)
|
network_port(spamd, tcp,783,s0)
|
||||||
network_port(ssh, tcp,22,s0)
|
network_port(ssh, tcp,22,s0)
|
||||||
@ -3125,7 +3134,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corene
|
|||||||
type socks_port_t, port_type; dnl network_port(socks) # no defined portcon
|
type socks_port_t, port_type; dnl network_port(socks) # no defined portcon
|
||||||
type stunnel_port_t, port_type; dnl network_port(stunnel) # no defined portcon in current strict
|
type stunnel_port_t, port_type; dnl network_port(stunnel) # no defined portcon in current strict
|
||||||
network_port(squid, udp,3401,s0, tcp,3401,s0, udp,4827,s0, tcp,4827,s0) # snmp and htcp
|
network_port(squid, udp,3401,s0, tcp,3401,s0, udp,4827,s0, tcp,4827,s0) # snmp and htcp
|
||||||
@@ -160,13 +166,19 @@
|
@@ -160,13 +167,19 @@
|
||||||
type utcpserver_port_t, port_type; dnl network_port(utcpserver) # no defined portcon
|
type utcpserver_port_t, port_type; dnl network_port(utcpserver) # no defined portcon
|
||||||
network_port(uucpd, tcp,540,s0)
|
network_port(uucpd, tcp,540,s0)
|
||||||
network_port(vnc, tcp,5900,s0)
|
network_port(vnc, tcp,5900,s0)
|
||||||
@ -16781,7 +16790,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
|
|||||||
+
|
+
|
||||||
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-3.0.8/policy/modules/system/userdomain.te
|
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-3.0.8/policy/modules/system/userdomain.te
|
||||||
--- nsaserefpolicy/policy/modules/system/userdomain.te 2007-09-12 10:34:51.000000000 -0400
|
--- nsaserefpolicy/policy/modules/system/userdomain.te 2007-09-12 10:34:51.000000000 -0400
|
||||||
+++ serefpolicy-3.0.8/policy/modules/system/userdomain.te 2007-10-17 12:58:33.000000000 -0400
|
+++ serefpolicy-3.0.8/policy/modules/system/userdomain.te 2007-10-17 16:35:19.000000000 -0400
|
||||||
@@ -24,13 +24,6 @@
|
@@ -24,13 +24,6 @@
|
||||||
|
|
||||||
## <desc>
|
## <desc>
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user