fixes uncovered by sediff
This commit is contained in:
parent
f3936d3876
commit
62841791a5
@ -75,6 +75,7 @@ corenet_raw_sendrecv_all_nodes(system_mail_t)
|
|||||||
corenet_tcp_sendrecv_all_ports(system_mail_t)
|
corenet_tcp_sendrecv_all_ports(system_mail_t)
|
||||||
corenet_tcp_bind_all_nodes(system_mail_t)
|
corenet_tcp_bind_all_nodes(system_mail_t)
|
||||||
corenet_tcp_connect_smtp_port(system_mail_t)
|
corenet_tcp_connect_smtp_port(system_mail_t)
|
||||||
|
corenet_tcp_connect_all_ports(system_mail_t)
|
||||||
|
|
||||||
dev_read_rand(system_mail_t)
|
dev_read_rand(system_mail_t)
|
||||||
dev_read_urand(system_mail_t)
|
dev_read_urand(system_mail_t)
|
||||||
|
@ -34,12 +34,14 @@ allow telnetd_t self:netlink_tcpdiag_socket r_netlink_socket_perms;
|
|||||||
allow telnetd_t self:capability { setuid setgid };
|
allow telnetd_t self:capability { setuid setgid };
|
||||||
|
|
||||||
allow telnetd_t telnetd_devpts_t:chr_file { rw_file_perms setattr };
|
allow telnetd_t telnetd_devpts_t:chr_file { rw_file_perms setattr };
|
||||||
|
term_create_pty(telnetd_t,telnetd_devpts_t)
|
||||||
|
|
||||||
allow telnetd_t telnetd_tmp_t:dir create_dir_perms;
|
allow telnetd_t telnetd_tmp_t:dir create_dir_perms;
|
||||||
allow telnetd_t telnetd_tmp_t:file create_file_perms;
|
allow telnetd_t telnetd_tmp_t:file create_file_perms;
|
||||||
files_create_tmp_files(telnetd_t, telnetd_tmp_t, { file dir })
|
files_create_tmp_files(telnetd_t, telnetd_tmp_t, { file dir })
|
||||||
|
|
||||||
allow telnetd_t telnetd_var_run_t:file create_file_perms;
|
allow telnetd_t telnetd_var_run_t:file create_file_perms;
|
||||||
|
allow telnetd_t telnetd_var_run_t:dir rw_file_perms;
|
||||||
files_create_pid(telnetd_t,telnetd_var_run_t)
|
files_create_pid(telnetd_t,telnetd_var_run_t)
|
||||||
|
|
||||||
kernel_read_kernel_sysctl(telnetd_t)
|
kernel_read_kernel_sysctl(telnetd_t)
|
||||||
@ -63,6 +65,8 @@ fs_getattr_xattr_fs(telnetd_t)
|
|||||||
|
|
||||||
auth_rw_login_records(telnetd_t)
|
auth_rw_login_records(telnetd_t)
|
||||||
|
|
||||||
|
corecmd_search_sbin(telnetd_t)
|
||||||
|
|
||||||
files_read_etc_files(telnetd_t)
|
files_read_etc_files(telnetd_t)
|
||||||
files_read_etc_runtime_files(telnetd_t)
|
files_read_etc_runtime_files(telnetd_t)
|
||||||
# for identd; cjp: this should probably only be inetd_child rules?
|
# for identd; cjp: this should probably only be inetd_child rules?
|
||||||
|
Loading…
Reference in New Issue
Block a user