- Allow podsleuth to use tmpfs files
This commit is contained in:
parent
04b6828096
commit
4cdbdd6bd1
@ -3384,8 +3384,8 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+/usr/bin/pulseaudio -- gen_context(system_u:object_r:pulseaudio_exec_t,s0)
|
+/usr/bin/pulseaudio -- gen_context(system_u:object_r:pulseaudio_exec_t,s0)
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/pulseaudio.if serefpolicy-3.6.10/policy/modules/apps/pulseaudio.if
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/pulseaudio.if serefpolicy-3.6.10/policy/modules/apps/pulseaudio.if
|
||||||
--- nsaserefpolicy/policy/modules/apps/pulseaudio.if 1969-12-31 19:00:00.000000000 -0500
|
--- nsaserefpolicy/policy/modules/apps/pulseaudio.if 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ serefpolicy-3.6.10/policy/modules/apps/pulseaudio.if 2009-04-03 17:24:36.000000000 -0400
|
+++ serefpolicy-3.6.10/policy/modules/apps/pulseaudio.if 2009-04-06 08:51:37.000000000 -0400
|
||||||
@@ -0,0 +1,147 @@
|
@@ -0,0 +1,148 @@
|
||||||
+
|
+
|
||||||
+## <summary>policy for pulseaudio</summary>
|
+## <summary>policy for pulseaudio</summary>
|
||||||
+
|
+
|
||||||
@ -3470,6 +3470,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+interface(`pulseaudio_role',`
|
+interface(`pulseaudio_role',`
|
||||||
+ gen_require(`
|
+ gen_require(`
|
||||||
+ type pulseaudio_t, pulseaudio_exec_t, print_spool_t;
|
+ type pulseaudio_t, pulseaudio_exec_t, print_spool_t;
|
||||||
|
+ class dbus { send_msg };
|
||||||
+ ')
|
+ ')
|
||||||
+
|
+
|
||||||
+ role $1 types pulseaudio_t;
|
+ role $1 types pulseaudio_t;
|
||||||
@ -10708,7 +10709,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+')
|
+')
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.te serefpolicy-3.6.10/policy/modules/services/dbus.te
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.te serefpolicy-3.6.10/policy/modules/services/dbus.te
|
||||||
--- nsaserefpolicy/policy/modules/services/dbus.te 2009-01-19 11:06:49.000000000 -0500
|
--- nsaserefpolicy/policy/modules/services/dbus.te 2009-01-19 11:06:49.000000000 -0500
|
||||||
+++ serefpolicy-3.6.10/policy/modules/services/dbus.te 2009-03-30 10:09:41.000000000 -0400
|
+++ serefpolicy-3.6.10/policy/modules/services/dbus.te 2009-04-06 08:40:45.000000000 -0400
|
||||||
@@ -9,14 +9,15 @@
|
@@ -9,14 +9,15 @@
|
||||||
#
|
#
|
||||||
# Delcarations
|
# Delcarations
|
||||||
@ -10801,7 +10802,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
logging_send_audit_msgs(system_dbusd_t)
|
logging_send_audit_msgs(system_dbusd_t)
|
||||||
logging_send_syslog_msg(system_dbusd_t)
|
logging_send_syslog_msg(system_dbusd_t)
|
||||||
@@ -128,9 +149,37 @@
|
@@ -128,9 +149,38 @@
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@ -10838,6 +10839,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+')
|
+')
|
||||||
+
|
+
|
||||||
+allow dbusd_unconfined session_bus_type:dbus all_dbus_perms;
|
+allow dbusd_unconfined session_bus_type:dbus all_dbus_perms;
|
||||||
|
+allow dbusd_unconfined dbusd_unconfined:dbus all_dbus_perms;
|
||||||
+allow session_bus_type dbusd_unconfined:dbus send_msg;
|
+allow session_bus_type dbusd_unconfined:dbus send_msg;
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.fc serefpolicy-3.6.10/policy/modules/services/dcc.fc
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.fc serefpolicy-3.6.10/policy/modules/services/dcc.fc
|
||||||
--- nsaserefpolicy/policy/modules/services/dcc.fc 2008-08-07 11:15:11.000000000 -0400
|
--- nsaserefpolicy/policy/modules/services/dcc.fc 2008-08-07 11:15:11.000000000 -0400
|
||||||
@ -16403,7 +16405,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
/usr/sbin/postkick -- gen_context(system_u:object_r:postfix_master_exec_t,s0)
|
/usr/sbin/postkick -- gen_context(system_u:object_r:postfix_master_exec_t,s0)
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.if serefpolicy-3.6.10/policy/modules/services/postfix.if
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.if serefpolicy-3.6.10/policy/modules/services/postfix.if
|
||||||
--- nsaserefpolicy/policy/modules/services/postfix.if 2009-01-19 11:06:49.000000000 -0500
|
--- nsaserefpolicy/policy/modules/services/postfix.if 2009-01-19 11:06:49.000000000 -0500
|
||||||
+++ serefpolicy-3.6.10/policy/modules/services/postfix.if 2009-03-30 10:09:41.000000000 -0400
|
+++ serefpolicy-3.6.10/policy/modules/services/postfix.if 2009-04-06 08:26:28.000000000 -0400
|
||||||
@@ -46,6 +46,7 @@
|
@@ -46,6 +46,7 @@
|
||||||
|
|
||||||
allow postfix_$1_t postfix_etc_t:dir list_dir_perms;
|
allow postfix_$1_t postfix_etc_t:dir list_dir_perms;
|
||||||
@ -27760,7 +27762,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+/dev/shm/mono.* gen_context(system_u:object_r:user_tmpfs_t,s0)
|
+/dev/shm/mono.* gen_context(system_u:object_r:user_tmpfs_t,s0)
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-3.6.10/policy/modules/system/userdomain.if
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-3.6.10/policy/modules/system/userdomain.if
|
||||||
--- nsaserefpolicy/policy/modules/system/userdomain.if 2009-01-19 11:07:34.000000000 -0500
|
--- nsaserefpolicy/policy/modules/system/userdomain.if 2009-01-19 11:07:34.000000000 -0500
|
||||||
+++ serefpolicy-3.6.10/policy/modules/system/userdomain.if 2009-04-03 16:55:31.000000000 -0400
|
+++ serefpolicy-3.6.10/policy/modules/system/userdomain.if 2009-04-06 08:22:27.000000000 -0400
|
||||||
@@ -30,8 +30,9 @@
|
@@ -30,8 +30,9 @@
|
||||||
')
|
')
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user