semodule needs to manage the file contexts

This commit is contained in:
Chris PeBenito 2006-03-29 19:18:00 +00:00
parent 9779f09284
commit 55b190552b
2 changed files with 23 additions and 2 deletions

View File

@ -702,6 +702,27 @@ interface(`seutil_rw_file_contexts',`
allow $1 file_context_t:lnk_file { getattr read };
')
########################################
## <summary>
## Create, read, write, and delete the file_contexts files.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`seutil_manage_file_contexts',`
gen_require(`
type selinux_config_t, file_context_t;
')
files_search_etc($1)
allow $1 selinux_config_t:dir search_dir_perms;
allow $1 file_context_t:dir rw_dir_perms;
allow $1 file_context_t:file manage_file_perms;
')
########################################
#
# seutil_read_bin_policy(domain)

View File

@ -1,5 +1,5 @@
policy_module(selinuxutil,1.2.1)
policy_module(selinuxutil,1.2.2)
gen_require(`
bool secure_mode;
@ -518,7 +518,7 @@ libs_use_shared_libs(semanage_t)
libs_use_lib_files(semanage_t)
seutil_search_default_contexts(semanage_t)
seutil_rw_file_contexts(semanage_t)
seutil_manage_file_contexts(semanage_t)
seutil_manage_selinux_config(semanage_t)
seutil_domtrans_setfiles(semanage_t)
seutil_domtrans_loadpolicy(semanage_t)