Fix cobbler_admin interface to require cobblerd_initrc_exec_t.

As per: http://oss.tresys.com/pipermail/refpolicy/2010-March/002258.html Signed-off-by: Dominick Grift <domg472@gmail.com> Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2010-03-04 19:52:02 +01:00 · 2010-03-04 19:52:02 +01:00 · 183f79e38e
commit 183f79e38e
parent eeb7616f5e
1 changed files with 1 additions and 1 deletions
--- a/policy/modules/services/cobbler.if
+++ b/policy/modules/services/cobbler.if
@ -161,7 +161,7 @@ interface(`cobbler_manage_lib_files',`
 interface(`cobblerd_admin',`
 	gen_require(`
 		type cobblerd_t, cobbler_var_lib_t, cobbler_var_log_t;
-		type cobbler_etc_t;
+		type cobbler_etc_t, cobblerd_initrc_exec_t;
 	')

 	allow $1 cobblerd_t:process { ptrace signal_perms getattr };