Allow hald to transition to netutils

Block signal via mcs systems
2010-08-30 15:15:03 -04:00 · 2010-08-30 15:15:03 -04:00 · 079779a634
commit 079779a634
parent 898c0de0b7
2 changed files with 3 additions and 1 deletions
--- a/policy/mcs
+++ b/policy/mcs
@ -98,7 +98,7 @@ mlsconstrain process { transition dyntransition }
 mlsconstrain process { ptrace }
 	(( h1 dom h2) or ( t1 == mcsptraceall ));

-mlsconstrain process { sigkill sigstop }
+mlsconstrain process { signal sigkill sigstop }
 	(( h1 dom h2 ) or ( t1 == mcskillall ));

 #
--- a/policy/modules/services/hal.te
+++ b/policy/modules/services/hal.te
@ -226,6 +226,8 @@ sysnet_signal_dhcpc(hald_t)
 userdom_dontaudit_use_unpriv_user_fds(hald_t)
 userdom_dontaudit_search_user_home_dirs(hald_t)

+netutils_domtrans(hald_t)
+
 optional_policy(`
 	alsa_domtrans(hald_t)
 	alsa_read_rw_config(hald_t)