rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

more dbus cleanup

Browse Source
This commit is contained in:
Chris PeBenito 2005-11-01 15:19:48 +00:00
parent dab808bde7
commit 0b12fa4bd0
4 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
refpolicy/policy/modules/admin/updfstab.te
View File

@ -120,12 +120,13 @@ ifdef(`TODO',`
optional_policy(`rhgb.te',` optional_policy(`rhgb.te',`
rhgb_domain(updfstab_t) rhgb_domain(updfstab_t)
') ')
ifdef(`dbusd.te',`
allow initrc_t updfstab_t:dbus send_msg;
allow updfstab_t initrc_t:dbus send_msg;
')
allow updfstab_t tmpfs_t:dir getattr; allow updfstab_t tmpfs_t:dir getattr;
ifdef(`hald.te', ` ifdef(`hald.te', `
can_unix_connect(updfstab_t, hald_t) can_unix_connect(updfstab_t, hald_t)
') ')
') ')
optional_policy(`dbus.te',`
allow initrc_t updfstab_t:dbus send_msg;
allow updfstab_t initrc_t:dbus send_msg;
')

7
refpolicy/policy/modules/services/bind.te
View File

@ -270,11 +270,10 @@ optional_policy(`nscd.te',`
# Partially converted rules. THESE ARE ONLY TEMPORARY # Partially converted rules. THESE ARE ONLY TEMPORARY
# #
gen_require(`
class dbus send_msg;
')
allow named_t initrc_t:dbus send_msg; allow named_t initrc_t:dbus send_msg;
allow initrc_t named_t:dbus send_msg;
allow named_t dhcpc_t:dbus send_msg;
allow dhcpc_t named_t:dbus send_msg;
# cjp: this whole block was originally in networkmanager # cjp: this whole block was originally in networkmanager
optional_policy(`networkmanager.te',` optional_policy(`networkmanager.te',`

5
refpolicy/policy/modules/services/bluetooth.te
View File

@ -235,3 +235,8 @@ ifdef(`targeted_policy', `
allow unpriv_userdomain bluetooth_t:dbus send_msg; allow unpriv_userdomain bluetooth_t:dbus send_msg;
') ')
') dnl end TODO ') dnl end TODO
ifdef(`targeted_policy',`
allow bluetooth_t unconfined_t:dbus send_msg;
allow unconfined_t bluetooth_t:dbus send_msg;
')

3
refpolicy/policy/modules/services/cron.te
View File

@ -157,6 +157,9 @@ ifdef(`targeted_policy',`
userdom_manage_user_home_subdir_pipes(user,crond_t) userdom_manage_user_home_subdir_pipes(user,crond_t)
userdom_manage_user_home_subdir_sockets(user,crond_t) userdom_manage_user_home_subdir_sockets(user,crond_t)
userdom_create_user_home(user,crond_t,{ dir file lnk_file fifo_file sock_file }) userdom_create_user_home(user,crond_t,{ dir file lnk_file fifo_file sock_file })
allow crond_t unconfined_t:dbus send_msg;
allow crond_t initrc_t:dbus send_msg;
',` ',`
allow crond_t crond_tmp_t:dir create_dir_perms; allow crond_t crond_tmp_t:dir create_dir_perms;
allow crond_t crond_tmp_t:file create_file_perms; allow crond_t crond_tmp_t:file create_file_perms;