Fix lvm_read_metadata()
This commit is contained in:
parent
60668f6a35
commit
450ad890ec
@ -33578,10 +33578,10 @@ index 6b91740..633e449 100644
|
|||||||
+/var/run/clvmd\.pid -- gen_context(system_u:object_r:clvmd_var_run_t,s0)
|
+/var/run/clvmd\.pid -- gen_context(system_u:object_r:clvmd_var_run_t,s0)
|
||||||
/var/run/dmevent.* gen_context(system_u:object_r:lvm_var_run_t,s0)
|
/var/run/dmevent.* gen_context(system_u:object_r:lvm_var_run_t,s0)
|
||||||
diff --git a/policy/modules/system/lvm.if b/policy/modules/system/lvm.if
|
diff --git a/policy/modules/system/lvm.if b/policy/modules/system/lvm.if
|
||||||
index 58bc27f..ce880a6 100644
|
index 58bc27f..4e8728f 100644
|
||||||
--- a/policy/modules/system/lvm.if
|
--- a/policy/modules/system/lvm.if
|
||||||
+++ b/policy/modules/system/lvm.if
|
+++ b/policy/modules/system/lvm.if
|
||||||
@@ -86,6 +86,27 @@ interface(`lvm_read_config',`
|
@@ -86,6 +86,28 @@ interface(`lvm_read_config',`
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
## <summary>
|
## <summary>
|
||||||
@ -33596,6 +33596,7 @@ index 58bc27f..ce880a6 100644
|
|||||||
+#
|
+#
|
||||||
+interface(`lvm_read_metadata',`
|
+interface(`lvm_read_metadata',`
|
||||||
+ gen_require(`
|
+ gen_require(`
|
||||||
|
+ type lvm_etc_t;
|
||||||
+ type lvm_metadata_t;
|
+ type lvm_metadata_t;
|
||||||
+ ')
|
+ ')
|
||||||
+
|
+
|
||||||
@ -33609,7 +33610,7 @@ index 58bc27f..ce880a6 100644
|
|||||||
## Manage LVM configuration files.
|
## Manage LVM configuration files.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
@@ -123,3 +144,113 @@ interface(`lvm_domtrans_clvmd',`
|
@@ -123,3 +145,113 @@ interface(`lvm_domtrans_clvmd',`
|
||||||
corecmd_search_bin($1)
|
corecmd_search_bin($1)
|
||||||
domtrans_pattern($1, clvmd_exec_t, clvmd_t)
|
domtrans_pattern($1, clvmd_exec_t, clvmd_t)
|
||||||
')
|
')
|
||||||
|
@ -25182,7 +25182,7 @@ index 9bbc690..4a8d053 100644
|
|||||||
role_transition $2 exim_initrc_exec_t system_r;
|
role_transition $2 exim_initrc_exec_t system_r;
|
||||||
allow $2 system_r;
|
allow $2 system_r;
|
||||||
diff --git a/exim.te b/exim.te
|
diff --git a/exim.te b/exim.te
|
||||||
index 4086c51..28105d6 100644
|
index 4086c51..3e7a990 100644
|
||||||
--- a/exim.te
|
--- a/exim.te
|
||||||
+++ b/exim.te
|
+++ b/exim.te
|
||||||
@@ -55,7 +55,7 @@ type exim_log_t;
|
@@ -55,7 +55,7 @@ type exim_log_t;
|
||||||
@ -25207,7 +25207,11 @@ index 4086c51..28105d6 100644
|
|||||||
corenet_all_recvfrom_netlabel(exim_t)
|
corenet_all_recvfrom_netlabel(exim_t)
|
||||||
corenet_tcp_sendrecv_generic_if(exim_t)
|
corenet_tcp_sendrecv_generic_if(exim_t)
|
||||||
corenet_udp_sendrecv_generic_if(exim_t)
|
corenet_udp_sendrecv_generic_if(exim_t)
|
||||||
@@ -154,7 +153,6 @@ auth_use_nsswitch(exim_t)
|
@@ -151,10 +150,10 @@ fs_getattr_xattr_fs(exim_t)
|
||||||
|
fs_list_inotifyfs(exim_t)
|
||||||
|
|
||||||
|
auth_use_nsswitch(exim_t)
|
||||||
|
+auth_domtrans_chk_passwd(exim_t)
|
||||||
|
|
||||||
logging_send_syslog_msg(exim_t)
|
logging_send_syslog_msg(exim_t)
|
||||||
|
|
||||||
@ -25215,7 +25219,7 @@ index 4086c51..28105d6 100644
|
|||||||
miscfiles_read_generic_certs(exim_t)
|
miscfiles_read_generic_certs(exim_t)
|
||||||
|
|
||||||
userdom_dontaudit_search_user_home_dirs(exim_t)
|
userdom_dontaudit_search_user_home_dirs(exim_t)
|
||||||
@@ -170,9 +168,9 @@ tunable_policy(`exim_can_connect_db',`
|
@@ -170,9 +169,9 @@ tunable_policy(`exim_can_connect_db',`
|
||||||
corenet_sendrecv_mssql_client_packets(exim_t)
|
corenet_sendrecv_mssql_client_packets(exim_t)
|
||||||
corenet_tcp_connect_mssql_port(exim_t)
|
corenet_tcp_connect_mssql_port(exim_t)
|
||||||
corenet_tcp_sendrecv_mssql_port(exim_t)
|
corenet_tcp_sendrecv_mssql_port(exim_t)
|
||||||
@ -25228,7 +25232,7 @@ index 4086c51..28105d6 100644
|
|||||||
')
|
')
|
||||||
|
|
||||||
tunable_policy(`exim_read_user_files',`
|
tunable_policy(`exim_read_user_files',`
|
||||||
@@ -186,8 +184,8 @@ tunable_policy(`exim_manage_user_files',`
|
@@ -186,8 +185,8 @@ tunable_policy(`exim_manage_user_files',`
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@ -25239,7 +25243,7 @@ index 4086c51..28105d6 100644
|
|||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@@ -210,11 +208,6 @@ optional_policy(`
|
@@ -210,11 +209,6 @@ optional_policy(`
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@ -25251,7 +25255,7 @@ index 4086c51..28105d6 100644
|
|||||||
nagios_search_spool(exim_t)
|
nagios_search_spool(exim_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
@@ -236,6 +229,7 @@ optional_policy(`
|
@@ -236,6 +230,7 @@ optional_policy(`
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
procmail_domtrans(exim_t)
|
procmail_domtrans(exim_t)
|
||||||
|
Loading…
Reference in New Issue
Block a user