rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

trunk: confine sendmail and logrotate on targeted

Browse Source
This commit is contained in:
Chris PeBenito 2007-06-19 17:01:39 +00:00
parent cb10a2d5bf
commit 6c8aba7b31
3 changed files with 3 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Changelog
View File

@ -1,3 +1,4 @@
- Confine sendmail and logrotate on targeted.
- Tunable connection to postgresql for users from KaiGai Kohei. - Tunable connection to postgresql for users from KaiGai Kohei.
- Memprotect support patch from Stephen Smalley. - Memprotect support patch from Stephen Smalley.
- Add logging_send_audit_msgs() interface and deprecate - Add logging_send_audit_msgs() interface and deprecate

6
policy/modules/admin/logrotate.te
View File

@ -1,5 +1,5 @@
policy_module(logrotate,1.4.0) policy_module(logrotate,1.4.1)
######################################## ########################################
# #
@ -130,10 +130,6 @@ ifdef(`distro_debian', `
can_exec(logrotate_t, logrotate_exec_t) can_exec(logrotate_t, logrotate_exec_t)
') ')
ifdef(`targeted_policy',`
unconfined_domain(logrotate_t)
')
optional_policy(` optional_policy(`
acct_domtrans(logrotate_t) acct_domtrans(logrotate_t)
acct_manage_data(logrotate_t) acct_manage_data(logrotate_t)

3
policy/modules/services/sendmail.te
View File

@ -1,5 +1,5 @@
policy_module(sendmail,1.4.1) policy_module(sendmail,1.4.2)
######################################## ########################################
# #
@ -107,7 +107,6 @@ mta_manage_queue(sendmail_t)
mta_manage_spool(sendmail_t) mta_manage_spool(sendmail_t)
ifdef(`targeted_policy',` ifdef(`targeted_policy',`
unconfined_domain(sendmail_t)
term_dontaudit_use_unallocated_ttys(sendmail_t) term_dontaudit_use_unallocated_ttys(sendmail_t)
term_dontaudit_use_generic_ptys(sendmail_t) term_dontaudit_use_generic_ptys(sendmail_t)
files_dontaudit_read_root_files(sendmail_t) files_dontaudit_read_root_files(sendmail_t)