From 3573908f1c77c5f8abbb952e949d8aa34b5de3c1 Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Wed, 16 Aug 2006 13:52:18 +0000 Subject: [PATCH] fix cron_system_entry() rules --- policy/modules/services/cron.if | 3 ++- policy/modules/services/cron.te | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/policy/modules/services/cron.if b/policy/modules/services/cron.if index 88033ab3..e3b1abcc 100644 --- a/policy/modules/services/cron.if +++ b/policy/modules/services/cron.if @@ -322,7 +322,6 @@ interface(`cron_system_entry',` # cjp: perhaps these four rules from the old # domain_auto_trans are not needed? - allow system_crond_t $1:fd use; allow $1 system_crond_t:fd use; allow $1 system_crond_t:fifo_file rw_file_perms; allow $1 system_crond_t:process sigchld; @@ -330,6 +329,8 @@ interface(`cron_system_entry',` allow $1 crond_t:fifo_file rw_file_perms; allow $1 crond_t:fd use; allow $1 crond_t:process sigchld; + + role system_r types $1; ') ######################################## diff --git a/policy/modules/services/cron.te b/policy/modules/services/cron.te index 3b48afb2..3ee3cf3a 100644 --- a/policy/modules/services/cron.te +++ b/policy/modules/services/cron.te @@ -1,5 +1,5 @@ -policy_module(cron,1.3.9) +policy_module(cron,1.3.10) gen_require(` class passwd rootok;