fixes from dan

This commit is contained in:
Chris PeBenito 2006-01-18 18:45:23 +00:00
parent 68228b3300
commit 0a77288692
5 changed files with 13 additions and 5 deletions

View File

@ -1,3 +1,4 @@
- Miscellaneous fixes from Dan Walsh.
- Change initrc_var_run_t interface noun from script_pid to utmp, - Change initrc_var_run_t interface noun from script_pid to utmp,
for greater clarity. for greater clarity.
- Added modules: - Added modules:

View File

@ -2135,10 +2135,9 @@ interface(`files_dontaudit_getattr_tmp_dir',`
interface(`files_search_tmp',` interface(`files_search_tmp',`
gen_require(` gen_require(`
type tmp_t; type tmp_t;
class dir search;
') ')
allow $1 tmp_t:dir search; allow $1 tmp_t:dir search_dir_perms;
') ')
######################################## ########################################

View File

@ -1,5 +1,5 @@
policy_module(fetchmail,1.0.0) policy_module(fetchmail,1.0.1)
######################################## ########################################
# #
@ -29,6 +29,7 @@ allow fetchmail_t self:unix_dgram_socket create_socket_perms;
allow fetchmail_t self:unix_stream_socket create_stream_socket_perms; allow fetchmail_t self:unix_stream_socket create_stream_socket_perms;
allow fetchmail_t self:tcp_socket create_socket_perms; allow fetchmail_t self:tcp_socket create_socket_perms;
allow fetchmail_t self:udp_socket create_socket_perms; allow fetchmail_t self:udp_socket create_socket_perms;
allow fetchmail_t self:netlink_route_socket r_netlink_socket_perms;
allow fetchmail_t fetchmail_etc_t:file r_file_perms; allow fetchmail_t fetchmail_etc_t:file r_file_perms;
@ -41,6 +42,7 @@ files_filetrans_pid(fetchmail_t,fetchmail_var_run_t)
kernel_read_kernel_sysctl(fetchmail_t) kernel_read_kernel_sysctl(fetchmail_t)
kernel_list_proc(fetchmail_t) kernel_list_proc(fetchmail_t)
kernel_getattr_proc_files(fetchmail_t)
kernel_read_proc_symlinks(fetchmail_t) kernel_read_proc_symlinks(fetchmail_t)
corenet_non_ipsec_sendrecv(fetchmail_t) corenet_non_ipsec_sendrecv(fetchmail_t)
@ -59,8 +61,11 @@ corenet_udp_bind_all_nodes(fetchmail_t)
corenet_tcp_connect_all_ports(fetchmail_t) corenet_tcp_connect_all_ports(fetchmail_t)
dev_read_sysfs(fetchmail_t) dev_read_sysfs(fetchmail_t)
dev_read_rand(fetchmail_t)
dev_read_urand(fetchmail_t)
files_read_etc_files(fetchmail_t) files_read_etc_files(fetchmail_t)
files_read_etc_runtime_files(fetchmail_t)
fs_getattr_all_fs(fetchmail_t) fs_getattr_all_fs(fetchmail_t)
fs_search_auto_mountpoints(fetchmail_t) fs_search_auto_mountpoints(fetchmail_t)
@ -78,6 +83,7 @@ libs_use_shared_libs(fetchmail_t)
logging_send_syslog_msg(fetchmail_t) logging_send_syslog_msg(fetchmail_t)
miscfiles_read_localization(fetchmail_t) miscfiles_read_localization(fetchmail_t)
miscfiles_read_certs(fetchmail_t)
sysnet_read_config(fetchmail_t) sysnet_read_config(fetchmail_t)

View File

@ -1,5 +1,5 @@
policy_module(hal,1.2.0) policy_module(hal,1.2.1)
######################################## ########################################
# #
@ -139,6 +139,7 @@ ifdef(`targeted_policy', `
term_dontaudit_use_unallocated_tty(hald_t) term_dontaudit_use_unallocated_tty(hald_t)
term_dontaudit_use_generic_pty(hald_t) term_dontaudit_use_generic_pty(hald_t)
files_dontaudit_read_root_file(hald_t) files_dontaudit_read_root_file(hald_t)
files_dontaudit_getattr_home_dir(hald_t)
') ')
optional_policy(`apm',` optional_policy(`apm',`

View File

@ -1,5 +1,5 @@
policy_module(procmail,1.1.0) policy_module(procmail,1.1.1)
######################################## ########################################
# #
@ -99,6 +99,7 @@ optional_policy(`sendmail',`
optional_policy(`spamassassin',` optional_policy(`spamassassin',`
corenet_udp_bind_generic_port(procmail_t) corenet_udp_bind_generic_port(procmail_t)
corenet_tcp_connect_spamd_port(procmail_t)
files_getattr_tmp_dir(procmail_t) files_getattr_tmp_dir(procmail_t)