trunk: Backup update on Debian from Vaclav Ovsik.
This commit is contained in:
parent
51223bfc56
commit
45b56b01e8
@ -1,4 +1,5 @@
|
||||
- Cracklib update on Deban from Vaclav Ovsik.
|
||||
- Backup update on Debian from Vaclav Ovsik.
|
||||
- Cracklib update on Debian from Vaclav Ovsik.
|
||||
- Label /proc/kallsyms with system_map_t.
|
||||
- 64-bit capabilities from Stephen Smalley.
|
||||
- Labeled networking peer object class updates.
|
||||
|
@ -4,4 +4,10 @@
|
||||
# backup_store_t, Debian uses /var/backups
|
||||
|
||||
#/usr/local/bin/backup-script -- gen_context(system_u:object_r:backup_exec_t,s0)
|
||||
|
||||
ifdef(`distro_debian',`
|
||||
/etc/cron.daily/aptitude -- gen_context(system_u:object_r:backup_exec_t,s0)
|
||||
/etc/cron.daily/standard -- gen_context(system_u:object_r:backup_exec_t,s0)
|
||||
')
|
||||
|
||||
/var/backups(/.*)? gen_context(system_u:object_r:backup_store_t,s0)
|
||||
|
@ -1,5 +1,5 @@
|
||||
|
||||
policy_module(backup,1.2.0)
|
||||
policy_module(backup,1.2.1)
|
||||
|
||||
########################################
|
||||
#
|
||||
@ -27,7 +27,7 @@ allow backup_t self:tcp_socket create_socket_perms;
|
||||
allow backup_t self:udp_socket create_socket_perms;
|
||||
|
||||
allow backup_t backup_store_t:file setattr;
|
||||
create_files_pattern(backup_t,backup_store_t,backup_store_t)
|
||||
manage_files_pattern(backup_t,backup_store_t,backup_store_t)
|
||||
rw_files_pattern(backup_t,backup_store_t,backup_store_t)
|
||||
read_lnk_files_pattern(backup_t,backup_store_t,backup_store_t)
|
||||
|
||||
@ -35,6 +35,7 @@ kernel_read_system_state(backup_t)
|
||||
kernel_read_kernel_sysctls(backup_t)
|
||||
|
||||
corecmd_exec_bin(backup_t)
|
||||
corecmd_exec_shell(backup_t)
|
||||
|
||||
corenet_all_recvfrom_unlabeled(backup_t)
|
||||
corenet_all_recvfrom_netlabel(backup_t)
|
||||
|
@ -3,7 +3,6 @@
|
||||
/usr/sbin/logrotate -- gen_context(system_u:object_r:logrotate_exec_t,s0)
|
||||
|
||||
ifdef(`distro_debian', `
|
||||
/usr/bin/savelog -- gen_context(system_u:object_r:logrotate_exec_t,s0)
|
||||
/var/lib/logrotate(/.*)? gen_context(system_u:object_r:logrotate_var_lib_t,s0)
|
||||
', `
|
||||
/var/lib/logrotate\.status -- gen_context(system_u:object_r:logrotate_var_lib_t,s0)
|
||||
|
@ -1,5 +1,5 @@
|
||||
|
||||
policy_module(logrotate,1.7.0)
|
||||
policy_module(logrotate,1.7.1)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
Loading…
Reference in New Issue
Block a user