- Allow podsleuth to use tmpfs files
This commit is contained in:
parent
04b6828096
commit
4cdbdd6bd1
@ -3384,8 +3384,8 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
+/usr/bin/pulseaudio -- gen_context(system_u:object_r:pulseaudio_exec_t,s0)
|
||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/pulseaudio.if serefpolicy-3.6.10/policy/modules/apps/pulseaudio.if
|
||||
--- nsaserefpolicy/policy/modules/apps/pulseaudio.if 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ serefpolicy-3.6.10/policy/modules/apps/pulseaudio.if 2009-04-03 17:24:36.000000000 -0400
|
||||
@@ -0,0 +1,147 @@
|
||||
+++ serefpolicy-3.6.10/policy/modules/apps/pulseaudio.if 2009-04-06 08:51:37.000000000 -0400
|
||||
@@ -0,0 +1,148 @@
|
||||
+
|
||||
+## <summary>policy for pulseaudio</summary>
|
||||
+
|
||||
@ -3470,6 +3470,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
+interface(`pulseaudio_role',`
|
||||
+ gen_require(`
|
||||
+ type pulseaudio_t, pulseaudio_exec_t, print_spool_t;
|
||||
+ class dbus { send_msg };
|
||||
+ ')
|
||||
+
|
||||
+ role $1 types pulseaudio_t;
|
||||
@ -10708,7 +10709,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
+')
|
||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.te serefpolicy-3.6.10/policy/modules/services/dbus.te
|
||||
--- nsaserefpolicy/policy/modules/services/dbus.te 2009-01-19 11:06:49.000000000 -0500
|
||||
+++ serefpolicy-3.6.10/policy/modules/services/dbus.te 2009-03-30 10:09:41.000000000 -0400
|
||||
+++ serefpolicy-3.6.10/policy/modules/services/dbus.te 2009-04-06 08:40:45.000000000 -0400
|
||||
@@ -9,14 +9,15 @@
|
||||
#
|
||||
# Delcarations
|
||||
@ -10801,7 +10802,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
|
||||
logging_send_audit_msgs(system_dbusd_t)
|
||||
logging_send_syslog_msg(system_dbusd_t)
|
||||
@@ -128,9 +149,37 @@
|
||||
@@ -128,9 +149,38 @@
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
@ -10838,6 +10839,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
+')
|
||||
+
|
||||
+allow dbusd_unconfined session_bus_type:dbus all_dbus_perms;
|
||||
+allow dbusd_unconfined dbusd_unconfined:dbus all_dbus_perms;
|
||||
+allow session_bus_type dbusd_unconfined:dbus send_msg;
|
||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.fc serefpolicy-3.6.10/policy/modules/services/dcc.fc
|
||||
--- nsaserefpolicy/policy/modules/services/dcc.fc 2008-08-07 11:15:11.000000000 -0400
|
||||
@ -16403,7 +16405,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
/usr/sbin/postkick -- gen_context(system_u:object_r:postfix_master_exec_t,s0)
|
||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.if serefpolicy-3.6.10/policy/modules/services/postfix.if
|
||||
--- nsaserefpolicy/policy/modules/services/postfix.if 2009-01-19 11:06:49.000000000 -0500
|
||||
+++ serefpolicy-3.6.10/policy/modules/services/postfix.if 2009-03-30 10:09:41.000000000 -0400
|
||||
+++ serefpolicy-3.6.10/policy/modules/services/postfix.if 2009-04-06 08:26:28.000000000 -0400
|
||||
@@ -46,6 +46,7 @@
|
||||
|
||||
allow postfix_$1_t postfix_etc_t:dir list_dir_perms;
|
||||
@ -27760,7 +27762,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
+/dev/shm/mono.* gen_context(system_u:object_r:user_tmpfs_t,s0)
|
||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-3.6.10/policy/modules/system/userdomain.if
|
||||
--- nsaserefpolicy/policy/modules/system/userdomain.if 2009-01-19 11:07:34.000000000 -0500
|
||||
+++ serefpolicy-3.6.10/policy/modules/system/userdomain.if 2009-04-03 16:55:31.000000000 -0400
|
||||
+++ serefpolicy-3.6.10/policy/modules/system/userdomain.if 2009-04-06 08:22:27.000000000 -0400
|
||||
@@ -30,8 +30,9 @@
|
||||
')
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user