rpms/selinux-policy
5
0
Fork 0
Code Issues Pull Requests Releases Activity

trunk: missed fixes on previous commit.

Browse Source
This commit is contained in:
Chris PeBenito 2008-08-07 14:45:37 +00:00
parent 8a948caf2b
commit 7aabe358f4
3 changed files with 6 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
policy/modules/apps/usernetctl.if
View File

@ -66,6 +66,6 @@ interface(`usernetctl_run',`
optional_policy(` optional_policy(`
ppp_run(usernetctl_t,$2,$3) ppp_run(usernetctl_t, $2, $3)
') ')
') ')

23
policy/modules/kernel/storage.if
View File

@ -79,26 +79,6 @@ interface(`storage_dontaudit_setattr_fixed_disk_dev',`
dontaudit $1 fixed_disk_device_t:blk_file setattr; dontaudit $1 fixed_disk_device_t:blk_file setattr;
') ')
########################################
## <summary>
## dontaudit the caller attempts to read from a fixed disk.
## </summary>
## <param name="domain">
## <summary>
## The type of the process performing this action.
## </summary>
## </param>
#
interface(`storage_dontaudit_raw_read_fixed_disk',`
gen_require(`
attribute fixed_disk_raw_read;
type fixed_disk_device_t;
')
dontaudit $1 fixed_disk_device_t:blk_file read_blk_file_perms;
dontaudit $1 fixed_disk_device_t:chr_file read_chr_file_perms;
')
######################################## ########################################
## <summary> ## <summary>
## Allow the caller to directly read from a fixed disk. ## Allow the caller to directly read from a fixed disk.
@ -141,7 +121,8 @@ interface(`storage_dontaudit_read_fixed_disk',`
') ')
dontaudit $1 fixed_disk_device_t:blk_file { getattr ioctl read }; dontaudit $1 fixed_disk_device_t:blk_file read_blk_file_perms;
dontaudit $1 fixed_disk_device_t:chr_file read_chr_file_perms;
') ')
######################################## ########################################

5
policy/modules/services/rsync.te
View File

@ -61,6 +61,9 @@ allow rsync_t rsync_data_t:dir list_dir_perms;
read_files_pattern(rsync_t, rsync_data_t, rsync_data_t) read_files_pattern(rsync_t, rsync_data_t, rsync_data_t)
read_lnk_files_pattern(rsync_t, rsync_data_t, rsync_data_t) read_lnk_files_pattern(rsync_t, rsync_data_t, rsync_data_t)
manage_files_pattern(rsync_t, rsync_log_t, rsync_log_t)
logging_log_filetrans(rsync_t, rsync_log_t, file)
manage_dirs_pattern(rsync_t, rsync_tmp_t, rsync_tmp_t) manage_dirs_pattern(rsync_t, rsync_tmp_t, rsync_tmp_t)
manage_files_pattern(rsync_t, rsync_tmp_t, rsync_tmp_t) manage_files_pattern(rsync_t, rsync_tmp_t, rsync_tmp_t)
files_tmp_filetrans(rsync_t, rsync_tmp_t, { file dir }) files_tmp_filetrans(rsync_t, rsync_tmp_t, { file dir })
@ -97,8 +100,6 @@ libs_use_ld_so(rsync_t)
libs_use_shared_libs(rsync_t) libs_use_shared_libs(rsync_t)
logging_send_syslog_msg(rsync_t) logging_send_syslog_msg(rsync_t)
manage_files_pattern(rsync_t,rsync_log_t,rsync_log_t)
logging_log_filetrans(rsync_t,rsync_log_t,file)
miscfiles_read_localization(rsync_t) miscfiles_read_localization(rsync_t)
miscfiles_read_public_files(rsync_t) miscfiles_read_public_files(rsync_t)