change eventpollfs labeling to task sid
This commit is contained in:
Chris PeBenito
parent
c467d98e85
commit
81a016f501
|
|
@ -1,3 +1,4 @@
|
|||
- Change eventpollfs to task SID labeling.
|
||||
- Add key support from Michael LeMay.
|
||||
- Add ftpdctl domain to ftp, from Paul Howarth.
|
||||
- Fix build system to not move type declarations out of optionals.
|
||||
|
|
|
|||
|
|
@ -1019,8 +1019,17 @@ interface(`fs_relabelfrom_dos_fs',`
|
|||
|
||||
########################################
|
||||
## <summary>
|
||||
## Read eventpollfs files
|
||||
## Read eventpollfs files.
|
||||
## </summary>
|
||||
## <desc>
|
||||
## <p>
|
||||
## Read eventpollfs files
|
||||
## </p>
|
||||
## <p>
|
||||
## This interface has been deprecated, and will
|
||||
## be removed in the future.
|
||||
## </p>
|
||||
## </desc>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
|
|
@ -1028,12 +1037,7 @@ interface(`fs_relabelfrom_dos_fs',`
|
|||
## </param>
|
||||
#
|
||||
interface(`fs_read_eventpollfs',`
|
||||
gen_require(`
|
||||
type eventpollfs_t;
|
||||
')
|
||||
|
||||
allow $1 eventpollfs_t:dir search_dir_perms;
|
||||
allow $1 eventpollfs_t:file r_file_perms;
|
||||
errprint(__file__:__line__:` $0($*) has been deprecated.'__endline__)
|
||||
')
|
||||
|
||||
########################################
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(filesystem,1.3.11)
|
||||
policy_module(filesystem,1.3.12)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
|
@ -32,6 +32,7 @@ fs_use_xattr xfs gen_context(system_u:object_r:fs_t,s0);
|
|||
# This is appropriate for pseudo filesystems that represent objects
|
||||
# like pipes and sockets, so that these objects are labeled with the same
|
||||
# type as the creating task.
|
||||
fs_use_task eventpollfs gen_context(system_u:object_r:fs_t,s0);
|
||||
fs_use_task pipefs gen_context(system_u:object_r:fs_t,s0);
|
||||
fs_use_task sockfs gen_context(system_u:object_r:fs_t,s0);
|
||||
|
||||
|
|
@ -58,7 +59,8 @@ genfscon configfs / gen_context(system_u:object_r:configfs_t,s0)
|
|||
|
||||
type eventpollfs_t;
|
||||
fs_type(eventpollfs_t)
|
||||
genfscon eventpollfs / gen_context(system_u:object_r:eventpollfs_t,s0)
|
||||
# change to task SID 20060628
|
||||
#genfscon eventpollfs / gen_context(system_u:object_r:eventpollfs_t,s0)
|
||||
|
||||
type futexfs_t;
|
||||
fs_type(futexfs_t)
|
||||
|
|
|
|||
|
|
@ -179,7 +179,6 @@ template(`apache_content_template',`
|
|||
dev_read_urand(httpd_$1_script_t)
|
||||
|
||||
fs_getattr_xattr_fs(httpd_$1_script_t)
|
||||
fs_read_eventpollfs(httpd_$1_script_t)
|
||||
|
||||
files_read_etc_runtime_files(httpd_$1_script_t)
|
||||
files_read_usr_files(httpd_$1_script_t)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(apache,1.3.14)
|
||||
policy_module(apache,1.3.15)
|
||||
|
||||
#
|
||||
# NOTES:
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(mta,1.3.6)
|
||||
policy_module(mta,1.3.7)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
|
@ -56,8 +56,6 @@ kernel_read_network_state(system_mail_t)
|
|||
dev_read_rand(system_mail_t)
|
||||
dev_read_urand(system_mail_t)
|
||||
|
||||
fs_read_eventpollfs(system_mail_t)
|
||||
|
||||
init_use_script_ptys(system_mail_t)
|
||||
|
||||
userdom_use_sysadm_terms(system_mail_t)
|
||||
|
|
|
|||
Loading…
Reference in New Issue