trunk: 3 patches from dan.

This commit is contained in:
Chris PeBenito 2007-10-18 19:31:14 +00:00
parent a334d2918f
commit 2f27163c1b
4 changed files with 27 additions and 4 deletions

View File

@ -1,4 +1,4 @@
policy_module(brctl,1.0.1)
policy_module(brctl,1.0.2)
########################################
#
@ -26,6 +26,7 @@ kernel_read_network_state(brctl_t)
kernel_read_sysctl(brctl_t)
dev_rw_sysfs(brctl_t)
dev_write_sysfs_dirs(brctl_t)
# Init script handling
domain_use_interactive_fds(brctl_t)

View File

@ -1,5 +1,5 @@
policy_module(logwatch,1.6.0)
policy_module(logwatch,1.6.1)
#################################
#
@ -48,7 +48,7 @@ corecmd_exec_bin(logwatch_t)
corecmd_exec_shell(logwatch_t)
dev_read_urand(logwatch_t)
dev_search_sysfs(logwatch_t)
dev_read_sysfs(logwatch_t)
# Read /proc/PID directories for all domains.
domain_read_all_domains_state(logwatch_t)

View File

@ -216,6 +216,24 @@ interface(`usermanage_run_admin_passwd',`
')
')
########################################
## <summary>
## Dontaudit attempts to use useradd fds
## </summary>
## <param name="domain">
## <summary>
## The type of the process performing this action.
## </summary>
## </param>
#
interface(`usermanage_dontaudit_use_useradd_fds',`
gen_require(`
type useradd_t;
')
dontaudit $1 useradd_t:fd use;
')
########################################
## <summary>
## Execute useradd in the useradd domain.

View File

@ -1,5 +1,5 @@
policy_module(usermanage,1.8.1)
policy_module(usermanage,1.8.2)
########################################
#
@ -519,6 +519,10 @@ userdom_generic_user_home_dir_filetrans_generic_user_home_content(useradd_t,notd
mta_manage_spool(useradd_t)
optional_policy(`
apache_manage_all_user_content(useradd_t)
')
optional_policy(`
dpkg_use_fds(useradd_t)
dpkg_rw_pipes(useradd_t)