fixes from dan
This commit is contained in:
parent
68228b3300
commit
0a77288692
@ -1,3 +1,4 @@
|
||||
- Miscellaneous fixes from Dan Walsh.
|
||||
- Change initrc_var_run_t interface noun from script_pid to utmp,
|
||||
for greater clarity.
|
||||
- Added modules:
|
||||
|
@ -2135,10 +2135,9 @@ interface(`files_dontaudit_getattr_tmp_dir',`
|
||||
interface(`files_search_tmp',`
|
||||
gen_require(`
|
||||
type tmp_t;
|
||||
class dir search;
|
||||
')
|
||||
|
||||
allow $1 tmp_t:dir search;
|
||||
allow $1 tmp_t:dir search_dir_perms;
|
||||
')
|
||||
|
||||
########################################
|
||||
|
@ -1,5 +1,5 @@
|
||||
|
||||
policy_module(fetchmail,1.0.0)
|
||||
policy_module(fetchmail,1.0.1)
|
||||
|
||||
########################################
|
||||
#
|
||||
@ -29,6 +29,7 @@ allow fetchmail_t self:unix_dgram_socket create_socket_perms;
|
||||
allow fetchmail_t self:unix_stream_socket create_stream_socket_perms;
|
||||
allow fetchmail_t self:tcp_socket create_socket_perms;
|
||||
allow fetchmail_t self:udp_socket create_socket_perms;
|
||||
allow fetchmail_t self:netlink_route_socket r_netlink_socket_perms;
|
||||
|
||||
allow fetchmail_t fetchmail_etc_t:file r_file_perms;
|
||||
|
||||
@ -41,6 +42,7 @@ files_filetrans_pid(fetchmail_t,fetchmail_var_run_t)
|
||||
|
||||
kernel_read_kernel_sysctl(fetchmail_t)
|
||||
kernel_list_proc(fetchmail_t)
|
||||
kernel_getattr_proc_files(fetchmail_t)
|
||||
kernel_read_proc_symlinks(fetchmail_t)
|
||||
|
||||
corenet_non_ipsec_sendrecv(fetchmail_t)
|
||||
@ -59,8 +61,11 @@ corenet_udp_bind_all_nodes(fetchmail_t)
|
||||
corenet_tcp_connect_all_ports(fetchmail_t)
|
||||
|
||||
dev_read_sysfs(fetchmail_t)
|
||||
dev_read_rand(fetchmail_t)
|
||||
dev_read_urand(fetchmail_t)
|
||||
|
||||
files_read_etc_files(fetchmail_t)
|
||||
files_read_etc_runtime_files(fetchmail_t)
|
||||
|
||||
fs_getattr_all_fs(fetchmail_t)
|
||||
fs_search_auto_mountpoints(fetchmail_t)
|
||||
@ -78,6 +83,7 @@ libs_use_shared_libs(fetchmail_t)
|
||||
logging_send_syslog_msg(fetchmail_t)
|
||||
|
||||
miscfiles_read_localization(fetchmail_t)
|
||||
miscfiles_read_certs(fetchmail_t)
|
||||
|
||||
sysnet_read_config(fetchmail_t)
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
|
||||
policy_module(hal,1.2.0)
|
||||
policy_module(hal,1.2.1)
|
||||
|
||||
########################################
|
||||
#
|
||||
@ -139,6 +139,7 @@ ifdef(`targeted_policy', `
|
||||
term_dontaudit_use_unallocated_tty(hald_t)
|
||||
term_dontaudit_use_generic_pty(hald_t)
|
||||
files_dontaudit_read_root_file(hald_t)
|
||||
files_dontaudit_getattr_home_dir(hald_t)
|
||||
')
|
||||
|
||||
optional_policy(`apm',`
|
||||
|
@ -1,5 +1,5 @@
|
||||
|
||||
policy_module(procmail,1.1.0)
|
||||
policy_module(procmail,1.1.1)
|
||||
|
||||
########################################
|
||||
#
|
||||
@ -99,6 +99,7 @@ optional_policy(`sendmail',`
|
||||
|
||||
optional_policy(`spamassassin',`
|
||||
corenet_udp_bind_generic_port(procmail_t)
|
||||
corenet_tcp_connect_spamd_port(procmail_t)
|
||||
|
||||
files_getattr_tmp_dir(procmail_t)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user