reorder to work around module compiler bug
This commit is contained in:
parent
70fe5a3e6e
commit
672a1570c8
@ -25,12 +25,6 @@ unconfined_domain_template(unconfined_t)
|
|||||||
logging_send_syslog_msg(unconfined_t)
|
logging_send_syslog_msg(unconfined_t)
|
||||||
|
|
||||||
ifdef(`targeted_policy',`
|
ifdef(`targeted_policy',`
|
||||||
# compatibility for switching from strict
|
|
||||||
dominance { role secadm_r { role system_r; }}
|
|
||||||
dominance { role sysadm_r { role system_r; }}
|
|
||||||
dominance { role user_r { role system_r; }}
|
|
||||||
dominance { role staff_r { role system_r; }}
|
|
||||||
|
|
||||||
allow unconfined_t self:system syslog_read;
|
allow unconfined_t self:system syslog_read;
|
||||||
dontaudit unconfined_t self:capability sys_module;
|
dontaudit unconfined_t self:capability sys_module;
|
||||||
|
|
||||||
|
@ -64,6 +64,12 @@ ifdef(`targeted_policy',`
|
|||||||
files_associate_tmp(user_home_dir_t)
|
files_associate_tmp(user_home_dir_t)
|
||||||
fs_associate_tmpfs(user_home_dir_t)
|
fs_associate_tmpfs(user_home_dir_t)
|
||||||
|
|
||||||
|
# compatibility for switching from strict
|
||||||
|
dominance { role secadm_r { role system_r; }}
|
||||||
|
dominance { role sysadm_r { role system_r; }}
|
||||||
|
dominance { role user_r { role system_r; }}
|
||||||
|
dominance { role staff_r { role system_r; }}
|
||||||
|
|
||||||
# dont need to use the full role_change()
|
# dont need to use the full role_change()
|
||||||
allow sysadm_r system_r;
|
allow sysadm_r system_r;
|
||||||
allow sysadm_r user_r;
|
allow sysadm_r user_r;
|
||||||
|
Loading…
Reference in New Issue
Block a user