ricci patch from dan.

2009-07-21 10:10:00 -04:00 · 2009-07-21 10:10:00 -04:00 · 1847443ea3
commit 1847443ea3
parent d8822462c4
1 changed files with 15 additions and 11 deletions
--- a/policy/modules/services/ricci.te
+++ b/policy/modules/services/ricci.te
@ -1,5 +1,5 @@
-policy_module(ricci, 1.5.2)
+policy_module(ricci, 1.5.3)
 ########################################
 #
@ -133,6 +133,8 @@ corenet_tcp_connect_http_port(ricci_t)
 dev_read_urand(ricci_t)
 domain_read_all_domains_state(ricci_t)
 files_read_etc_files(ricci_t)
 files_read_etc_runtime_files(ricci_t)
 files_create_boot_flag(ricci_t)
@ -140,7 +142,7 @@ files_create_boot_flag(ricci_t)
 auth_domtrans_chk_passwd(ricci_t)
 auth_append_login_records(ricci_t)
-init_dontaudit_stream_connect_script(ricci_t)
+init_stream_connect_script(ricci_t)
 locallogin_dontaudit_use_fds(ricci_t)
@ -202,7 +204,7 @@ kernel_read_system_state(ricci_modcluster_t)
 corecmd_exec_shell(ricci_modcluster_t)
 corecmd_exec_bin(ricci_modcluster_t)
-domain_dontaudit_read_all_domains_state(ricci_modcluster_t)
+domain_read_all_domains_state(ricci_modcluster_t)
 files_search_locks(ricci_modcluster_t)
 files_read_etc_runtime_files(ricci_modcluster_t)
@ -214,6 +216,8 @@ init_domtrans_script(ricci_modcluster_t)
 logging_send_syslog_msg(ricci_modcluster_t)
 consoletype_exec(ricci_modcluster_t)
 miscfiles_read_localization(ricci_modcluster_t)
 modutils_domtrans_insmod(ricci_modcluster_t)
@ -228,10 +232,6 @@ optional_policy(`
 	ccs_manage_config(ricci_modcluster_t)
 ')
 optional_policy(`
 	consoletype_exec(ricci_modcluster_t)
 ')
 optional_policy(`
 	lvm_domtrans(ricci_modcluster_t)
 ')
@ -287,14 +287,14 @@ corenet_tcp_bind_generic_node(ricci_modclusterd_t)
 corenet_tcp_bind_ricci_modcluster_port(ricci_modclusterd_t)
 corenet_tcp_connect_ricci_modcluster_port(ricci_modclusterd_t)
-domain_dontaudit_read_all_domains_state(ricci_modclusterd_t)
+domain_read_all_domains_state(ricci_modclusterd_t)
 files_read_etc_files(ricci_modclusterd_t)
 files_read_etc_runtime_files(ricci_modclusterd_t)
 fs_getattr_xattr_fs(ricci_modclusterd_t)
-init_dontaudit_stream_connect_script(ricci_modclusterd_t)
+init_stream_connect_script(ricci_modclusterd_t)
 locallogin_dontaudit_use_fds(ricci_modclusterd_t)
@ -328,7 +328,7 @@ kernel_read_system_state(ricci_modlog_t)
 corecmd_exec_bin(ricci_modlog_t)
-domain_dontaudit_read_all_domains_state(ricci_modlog_t)
+domain_read_all_domains_state(ricci_modlog_t)
 files_read_etc_files(ricci_modlog_t)
 files_search_usr(ricci_modlog_t)
@ -432,7 +432,7 @@ dev_read_sysfs(ricci_modstorage_t)
 dev_read_urand(ricci_modstorage_t)
 dev_manage_generic_blk_files(ricci_modstorage_t)
-domain_dontaudit_read_all_domains_state(ricci_modstorage_t)
+domain_read_all_domains_state(ricci_modstorage_t)
 #Needed for editing /etc/fstab
 files_manage_etc_files(ricci_modstorage_t)
@ -452,6 +452,10 @@ miscfiles_read_localization(ricci_modstorage_t)
 modutils_read_module_deps(ricci_modstorage_t)
 consoletype_exec(ricci_modstorage_t)
 mount_domtrans(ricci_modstorage_t)
 optional_policy(`
 	ccs_stream_connect(ricci_modstorage_t)
 	ccs_read_config(ricci_modstorage_t)