rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

fix ordering of interface calls in lvm.

Browse Source
This commit is contained in:
Chris PeBenito 2009-08-05 10:07:35 -04:00
parent 8cd1306e5b
commit 568efbe895
1 changed files with 18 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
policy/modules/system/lvm.te
View File

@ -215,12 +215,8 @@ kernel_read_kernel_sysctls(lvm_t)
kernel_dontaudit_getattr_core_if(lvm_t)
kernel_use_fds(lvm_t)
selinux_get_fs_mount(lvm_t)
selinux_validate_context(lvm_t)
selinux_compute_access_vector(lvm_t)
selinux_compute_create_context(lvm_t)
selinux_compute_relabel_context(lvm_t)
selinux_compute_user_contexts(lvm_t)
corecmd_exec_bin(lvm_t)
corecmd_exec_shell(lvm_t)
dev_create_generic_chr_files(lvm_t)
dev_delete_generic_dirs(lvm_t)
@ -244,6 +240,15 @@ dev_dontaudit_getattr_generic_blk_files(lvm_t)
dev_dontaudit_getattr_generic_pipes(lvm_t)
dev_create_generic_dirs(lvm_t)
domain_use_interactive_fds(lvm_t)
domain_read_all_domains_state(lvm_t)
files_read_usr_files(lvm_t)
files_read_etc_files(lvm_t)
files_read_etc_runtime_files(lvm_t)
# for when /usr is not mounted:
files_dontaudit_search_isid_type_dirs(lvm_t)
fs_getattr_xattr_fs(lvm_t)
fs_search_auto_mountpoints(lvm_t)
fs_list_tmpfs(lvm_t)
@ -251,6 +256,13 @@ fs_read_tmpfs_symlinks(lvm_t)
fs_dontaudit_read_removable_files(lvm_t)
fs_dontaudit_getattr_tmpfs_files(lvm_t)
selinux_get_fs_mount(lvm_t)
selinux_validate_context(lvm_t)
selinux_compute_access_vector(lvm_t)
selinux_compute_create_context(lvm_t)
selinux_compute_relabel_context(lvm_t)
selinux_compute_user_contexts(lvm_t)
storage_relabel_fixed_disk(lvm_t)
storage_dontaudit_read_removable_device(lvm_t)
# LVM creates block devices in /dev/mapper or /dev/<vg>
@ -262,18 +274,6 @@ storage_dev_filetrans_fixed_disk(lvm_t)
# Access raw devices and old /dev/lvm (c 109,0). Is this needed?
storage_manage_fixed_disk(lvm_t)
corecmd_exec_bin(lvm_t)
corecmd_exec_shell(lvm_t)
domain_use_interactive_fds(lvm_t)
domain_read_all_domains_state(lvm_t)
files_read_usr_files(lvm_t)
files_read_etc_files(lvm_t)
files_read_etc_runtime_files(lvm_t)
# for when /usr is not mounted:
files_dontaudit_search_isid_type_dirs(lvm_t)
init_use_fds(lvm_t)
init_dontaudit_getattr_initctl(lvm_t)
init_use_script_ptys(lvm_t)