Style fixes and module version bumps for 38fc1bd.
This commit is contained in:
Chris PeBenito
parent
38fc1bd180
commit
827060cb04
|
|
@ -4,6 +4,7 @@
|
||||||
cobbler (Dominick Grift)
|
cobbler (Dominick Grift)
|
||||||
dbadm (KaiGai Kohei)
|
dbadm (KaiGai Kohei)
|
||||||
nut (Stefan Schulze Frielinghaus, Miroslav Grepl)
|
nut (Stefan Schulze Frielinghaus, Miroslav Grepl)
|
||||||
|
likewise (Scott Salley)
|
||||||
pyicqt (Stefan Schulze Frielinghaus)
|
pyicqt (Stefan Schulze Frielinghaus)
|
||||||
sectoolm (Miroslav Grepl)
|
sectoolm (Miroslav Grepl)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
|
|
||||||
policy_module(corenetwork, 1.13.8)
|
policy_module(corenetwork, 1.13.9)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
|
|
|
||||||
|
|
@ -2921,24 +2921,6 @@ interface(`files_dontaudit_getattr_home_dir',`
|
||||||
dontaudit $1 home_root_t:dir getattr;
|
dontaudit $1 home_root_t:dir getattr;
|
||||||
')
|
')
|
||||||
|
|
||||||
########################################
|
|
||||||
## <summary>
|
|
||||||
## Relabel to user home root (/home).
|
|
||||||
## </summary>
|
|
||||||
## <param name="domain">
|
|
||||||
## <summary>
|
|
||||||
## Domain allowed access.
|
|
||||||
## </summary>
|
|
||||||
## </param>
|
|
||||||
#
|
|
||||||
interface(`files_relabelto_home',`
|
|
||||||
gen_require(`
|
|
||||||
type home_root_t;
|
|
||||||
')
|
|
||||||
|
|
||||||
allow $1 home_root_t:dir relabelto;
|
|
||||||
')
|
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Search home directories root (/home).
|
## Search home directories root (/home).
|
||||||
|
|
@ -3013,6 +2995,24 @@ interface(`files_list_home',`
|
||||||
allow $1 home_root_t:dir list_dir_perms;
|
allow $1 home_root_t:dir list_dir_perms;
|
||||||
')
|
')
|
||||||
|
|
||||||
|
########################################
|
||||||
|
## <summary>
|
||||||
|
## Relabel to user home root (/home).
|
||||||
|
## </summary>
|
||||||
|
## <param name="domain">
|
||||||
|
## <summary>
|
||||||
|
## Domain allowed access.
|
||||||
|
## </summary>
|
||||||
|
## </param>
|
||||||
|
#
|
||||||
|
interface(`files_relabelto_home',`
|
||||||
|
gen_require(`
|
||||||
|
type home_root_t;
|
||||||
|
')
|
||||||
|
|
||||||
|
allow $1 home_root_t:dir relabelto;
|
||||||
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Create objects in /home.
|
## Create objects in /home.
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
|
|
||||||
policy_module(files, 1.12.3)
|
policy_module(files, 1.12.4)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
|
|
|
||||||
|
|
@ -202,7 +202,6 @@ interface(`kerberos_read_keytab',`
|
||||||
## Domain allowed access.
|
## Domain allowed access.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
## <rolecap/>
|
|
||||||
#
|
#
|
||||||
interface(`kerberos_rw_keytab',`
|
interface(`kerberos_rw_keytab',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
|
|
||||||
policy_module(kerberos, 1.10.1)
|
policy_module(kerberos, 1.10.2)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
|
|
|
||||||
|
|
@ -1,54 +1,54 @@
|
||||||
/etc/likewise-open(/.*)? gen_context(system_u:object_r:likewise_etc_t,s0)
|
/etc/likewise-open(/.*)? gen_context(system_u:object_r:likewise_etc_t,s0)
|
||||||
/etc/likewise-open/.pstore.lock -- gen_context(system_u:object_r:likewise_pstore_lock_t,s0)
|
/etc/likewise-open/.pstore.lock -- gen_context(system_u:object_r:likewise_pstore_lock_t,s0)
|
||||||
/etc/likewise-open/likewise-krb5-ad.conf -- gen_context(system_u:object_r:likewise_krb5_ad_t,s0)
|
/etc/likewise-open/likewise-krb5-ad.conf -- gen_context(system_u:object_r:likewise_krb5_ad_t,s0)
|
||||||
|
|
||||||
/etc/rc\.d/init\.d/dcerpcd -- gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
|
/etc/rc\.d/init\.d/dcerpcd -- gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
|
||||||
/etc/rc\.d/init\.d/eventlogd -- gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
|
/etc/rc\.d/init\.d/eventlogd -- gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
|
||||||
/etc/rc\.d/init\.d/lsassd -- gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
|
/etc/rc\.d/init\.d/lsassd -- gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
|
||||||
/etc/rc\.d/init\.d/lwiod -- gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
|
/etc/rc\.d/init\.d/lwiod -- gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
|
||||||
/etc/rc\.d/init\.d/lwregd -- gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
|
/etc/rc\.d/init\.d/lwregd -- gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
|
||||||
/etc/rc\.d/init\.d/lwsmd -- gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
|
/etc/rc\.d/init\.d/lwsmd -- gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
|
||||||
/etc/rc\.d/init\.d/netlogond -- gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
|
/etc/rc\.d/init\.d/netlogond -- gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
|
||||||
/etc/rc\.d/init\.d/srvsvcd -- gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
|
/etc/rc\.d/init\.d/srvsvcd -- gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
|
||||||
|
|
||||||
/usr/sbin/dcerpcd -- gen_context(system_u:object_r:dcerpcd_exec_t,s0)
|
/usr/sbin/dcerpcd -- gen_context(system_u:object_r:dcerpcd_exec_t,s0)
|
||||||
/usr/sbin/eventlogd -- gen_context(system_u:object_r:eventlogd_exec_t,s0)
|
/usr/sbin/eventlogd -- gen_context(system_u:object_r:eventlogd_exec_t,s0)
|
||||||
/usr/sbin/lsassd -- gen_context(system_u:object_r:lsassd_exec_t,s0)
|
/usr/sbin/lsassd -- gen_context(system_u:object_r:lsassd_exec_t,s0)
|
||||||
/usr/sbin/lwiod -- gen_context(system_u:object_r:lwiod_exec_t,s0)
|
/usr/sbin/lwiod -- gen_context(system_u:object_r:lwiod_exec_t,s0)
|
||||||
/usr/sbin/lwregd -- gen_context(system_u:object_r:lwregd_exec_t,s0)
|
/usr/sbin/lwregd -- gen_context(system_u:object_r:lwregd_exec_t,s0)
|
||||||
/usr/sbin/lwsmd -- gen_context(system_u:object_r:lwsmd_exec_t,s0)
|
/usr/sbin/lwsmd -- gen_context(system_u:object_r:lwsmd_exec_t,s0)
|
||||||
/usr/sbin/netlogond -- gen_context(system_u:object_r:netlogond_exec_t,s0)
|
/usr/sbin/netlogond -- gen_context(system_u:object_r:netlogond_exec_t,s0)
|
||||||
/usr/sbin/srvsvcd -- gen_context(system_u:object_r:srvsvcd_exec_t,s0)
|
/usr/sbin/srvsvcd -- gen_context(system_u:object_r:srvsvcd_exec_t,s0)
|
||||||
|
|
||||||
/var/lib/likewise-open(/.*)? gen_context(system_u:object_r:likewise_var_lib_t,s0)
|
/var/lib/likewise-open(/.*)? gen_context(system_u:object_r:likewise_var_lib_t,s0)
|
||||||
/var/lib/likewise-open/\.lsassd -s gen_context(system_u:object_r:lsassd_var_socket_t,s0)
|
/var/lib/likewise-open/\.lsassd -s gen_context(system_u:object_r:lsassd_var_socket_t,s0)
|
||||||
/var/lib/likewise-open/\.lwiod -s gen_context(system_u:object_r:lwiod_var_socket_t,s0)
|
/var/lib/likewise-open/\.lwiod -s gen_context(system_u:object_r:lwiod_var_socket_t,s0)
|
||||||
/var/lib/likewise-open/\.regsd -s gen_context(system_u:object_r:lwregd_var_socket_t,s0)
|
/var/lib/likewise-open/\.regsd -s gen_context(system_u:object_r:lwregd_var_socket_t,s0)
|
||||||
/var/lib/likewise-open/\.lwsm -s gen_context(system_u:object_r:lwsmd_var_socket_t,s0)
|
/var/lib/likewise-open/\.lwsm -s gen_context(system_u:object_r:lwsmd_var_socket_t,s0)
|
||||||
/var/lib/likewise-open/\.netlogond -s gen_context(system_u:object_r:netlogond_var_socket_t,s0)
|
/var/lib/likewise-open/\.netlogond -s gen_context(system_u:object_r:netlogond_var_socket_t,s0)
|
||||||
/var/lib/likewise-open/\.ntlmd -s gen_context(system_u:object_r:lsassd_var_socket_t,s0)
|
/var/lib/likewise-open/\.ntlmd -s gen_context(system_u:object_r:lsassd_var_socket_t,s0)
|
||||||
/var/lib/likewise-open/krb5-affinity.conf -- gen_context(system_u:object_r:netlogond_var_lib_t, s0)
|
/var/lib/likewise-open/krb5-affinity.conf -- gen_context(system_u:object_r:netlogond_var_lib_t, s0)
|
||||||
/var/lib/likewise-open/krb5ccr_lsass -- gen_context(system_u:object_r:lsassd_var_lib_t, s0)
|
/var/lib/likewise-open/krb5ccr_lsass -- gen_context(system_u:object_r:lsassd_var_lib_t, s0)
|
||||||
/var/lib/likewise-open/LWNetsd\.err -- gen_context(system_u:object_r:netlogond_var_lib_t,s0)
|
/var/lib/likewise-open/LWNetsd\.err -- gen_context(system_u:object_r:netlogond_var_lib_t,s0)
|
||||||
/var/lib/likewise-open/lsasd\.err -- gen_context(system_u:object_r:lsassd_var_lib_t,s0)
|
/var/lib/likewise-open/lsasd\.err -- gen_context(system_u:object_r:lsassd_var_lib_t,s0)
|
||||||
/var/lib/likewise-open/regsd\.err -- gen_context(system_u:object_r:lwregd_var_lib_t,s0)
|
/var/lib/likewise-open/regsd\.err -- gen_context(system_u:object_r:lwregd_var_lib_t,s0)
|
||||||
/var/lib/likewise-open/db -d gen_context(system_u:object_r:likewise_var_lib_t,s0)
|
/var/lib/likewise-open/db -d gen_context(system_u:object_r:likewise_var_lib_t,s0)
|
||||||
/var/lib/likewise-open/db/lwi_events.db -- gen_context(system_u:object_r:eventlogd_var_lib_t,s0)
|
/var/lib/likewise-open/db/lwi_events.db -- gen_context(system_u:object_r:eventlogd_var_lib_t,s0)
|
||||||
/var/lib/likewise-open/db/sam\.db -- gen_context(system_u:object_r:lsassd_var_lib_t,s0)
|
/var/lib/likewise-open/db/sam\.db -- gen_context(system_u:object_r:lsassd_var_lib_t,s0)
|
||||||
/var/lib/likewise-open/db/lsass-adcache\.db -- gen_context(system_u:object_r:lsassd_var_lib_t,s0)
|
/var/lib/likewise-open/db/lsass-adcache\.db -- gen_context(system_u:object_r:lsassd_var_lib_t,s0)
|
||||||
/var/lib/likewise-open/db/lsass-adstate\.filedb -- gen_context(system_u:object_r:lsassd_var_lib_t,s0)
|
/var/lib/likewise-open/db/lsass-adstate\.filedb -- gen_context(system_u:object_r:lsassd_var_lib_t,s0)
|
||||||
/var/lib/likewise-open/db/registry\.db -- gen_context(system_u:object_r:lwregd_var_lib_t,s0)
|
/var/lib/likewise-open/db/registry\.db -- gen_context(system_u:object_r:lwregd_var_lib_t,s0)
|
||||||
/var/lib/likewise-open/rpc -d gen_context(system_u:object_r:likewise_var_lib_t,s0)
|
/var/lib/likewise-open/rpc -d gen_context(system_u:object_r:likewise_var_lib_t,s0)
|
||||||
/var/lib/likewise-open/rpc/epmapper -s gen_context(system_u:object_r:dcerpcd_var_socket_t, s0)
|
/var/lib/likewise-open/rpc/epmapper -s gen_context(system_u:object_r:dcerpcd_var_socket_t, s0)
|
||||||
/var/lib/likewise-open/rpc/lsass -s gen_context(system_u:object_r:lsassd_var_socket_t, s0)
|
/var/lib/likewise-open/rpc/lsass -s gen_context(system_u:object_r:lsassd_var_socket_t, s0)
|
||||||
/var/lib/likewise-open/rpc/socket -s gen_context(system_u:object_r:eventlogd_var_socket_t, s0)
|
/var/lib/likewise-open/rpc/socket -s gen_context(system_u:object_r:eventlogd_var_socket_t, s0)
|
||||||
/var/lib/likewise-open/run -d gen_context(system_u:object_r:likewise_var_lib_t,s0)
|
/var/lib/likewise-open/run -d gen_context(system_u:object_r:likewise_var_lib_t,s0)
|
||||||
/var/lib/likewise-open/run/rpcdep.dat -- gen_context(system_u:object_r:dcerpcd_var_lib_t, s0)
|
/var/lib/likewise-open/run/rpcdep.dat -- gen_context(system_u:object_r:dcerpcd_var_lib_t, s0)
|
||||||
|
|
||||||
/var/run/eventlogd.pid -- gen_context(system_u:object_r:eventlogd_var_run_t,s0)
|
/var/run/eventlogd.pid -- gen_context(system_u:object_r:eventlogd_var_run_t,s0)
|
||||||
/var/run/lsassd.pid -- gen_context(system_u:object_r:lsassd_var_run_t,s0)
|
/var/run/lsassd.pid -- gen_context(system_u:object_r:lsassd_var_run_t,s0)
|
||||||
/var/run/lwiod.pid -- gen_context(system_u:object_r:lwiod_var_run_t,s0)
|
/var/run/lwiod.pid -- gen_context(system_u:object_r:lwiod_var_run_t,s0)
|
||||||
/var/run/lwregd.pid -- gen_context(system_u:object_r:lwregd_var_run_t,s0)
|
/var/run/lwregd.pid -- gen_context(system_u:object_r:lwregd_var_run_t,s0)
|
||||||
/var/run/netlogond.pid -- gen_context(system_u:object_r:netlogond_var_run_t,s0)
|
/var/run/netlogond.pid -- gen_context(system_u:object_r:netlogond_var_run_t,s0)
|
||||||
/var/run/srvsvcd.pid -- gen_context(system_u:object_r:srvsvcd_var_run_t,s0)
|
/var/run/srvsvcd.pid -- gen_context(system_u:object_r:srvsvcd_var_run_t,s0)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,10 +1,10 @@
|
||||||
## <summary>Likewise Active Directory support for UNIX.</summary>
|
## <summary>Likewise Active Directory support for UNIX.</summary>
|
||||||
## <desc>
|
## <desc>
|
||||||
## <p>
|
## <p>
|
||||||
## Likewise Open is a free, open source application that joins Linux, Unix,
|
## Likewise Open is a free, open source application that joins Linux, Unix,
|
||||||
## and Mac machines to Microsoft Active Directory to securely authenticate
|
## and Mac machines to Microsoft Active Directory to securely authenticate
|
||||||
## users with their domain credentials.
|
## users with their domain credentials.
|
||||||
## </p>
|
## </p>
|
||||||
## </desc>
|
## </desc>
|
||||||
|
|
||||||
#######################################
|
#######################################
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@ policy_module(likewise, 1.0.0)
|
||||||
|
|
||||||
#################################
|
#################################
|
||||||
#
|
#
|
||||||
# Likewise global personal declarations.
|
# Declarations
|
||||||
#
|
#
|
||||||
|
|
||||||
attribute likewise_domains;
|
attribute likewise_domains;
|
||||||
|
|
@ -23,69 +23,25 @@ files_type(likewise_pstore_lock_t)
|
||||||
type likewise_krb5_ad_t;
|
type likewise_krb5_ad_t;
|
||||||
files_type(likewise_krb5_ad_t)
|
files_type(likewise_krb5_ad_t)
|
||||||
|
|
||||||
#############################
|
|
||||||
#
|
|
||||||
# Likewise dcerpcd personal declarations.
|
|
||||||
#
|
|
||||||
|
|
||||||
likewise_domain_template(dcerpcd)
|
likewise_domain_template(dcerpcd)
|
||||||
|
|
||||||
#############################
|
|
||||||
#
|
|
||||||
# Likewise eventlogd personal declarations.
|
|
||||||
#
|
|
||||||
|
|
||||||
likewise_domain_template(eventlogd)
|
likewise_domain_template(eventlogd)
|
||||||
|
|
||||||
#############################
|
|
||||||
#
|
|
||||||
# Likewise lsassd personal declarations.
|
|
||||||
#
|
|
||||||
|
|
||||||
likewise_domain_template(lsassd)
|
likewise_domain_template(lsassd)
|
||||||
|
|
||||||
type lsassd_tmp_t;
|
type lsassd_tmp_t;
|
||||||
files_tmp_file(lsassd_tmp_t)
|
files_tmp_file(lsassd_tmp_t)
|
||||||
|
|
||||||
#############################
|
|
||||||
#
|
|
||||||
# Likewise lwiod personal declarations.
|
|
||||||
#
|
|
||||||
|
|
||||||
likewise_domain_template(lwiod)
|
likewise_domain_template(lwiod)
|
||||||
|
|
||||||
#############################
|
|
||||||
#
|
|
||||||
# Likewise lwregd personal declarations.
|
|
||||||
#
|
|
||||||
|
|
||||||
likewise_domain_template(lwregd)
|
likewise_domain_template(lwregd)
|
||||||
|
|
||||||
#############################
|
|
||||||
#
|
|
||||||
# Likewise lwsmd personal declarations.
|
|
||||||
#
|
|
||||||
|
|
||||||
likewise_domain_template(lwsmd)
|
likewise_domain_template(lwsmd)
|
||||||
|
|
||||||
#############################
|
|
||||||
#
|
|
||||||
# Likewise netlogond personal declarations.
|
|
||||||
#
|
|
||||||
|
|
||||||
likewise_domain_template(netlogond)
|
likewise_domain_template(netlogond)
|
||||||
|
|
||||||
#############################
|
|
||||||
#
|
|
||||||
# Likewise srvsvcd personal declarations.
|
|
||||||
#
|
|
||||||
|
|
||||||
likewise_domain_template(srvsvcd)
|
likewise_domain_template(srvsvcd)
|
||||||
|
|
||||||
##################################
|
|
||||||
#
|
|
||||||
# Likewise global personal policy.
|
|
||||||
|
|
||||||
#################################
|
#################################
|
||||||
#
|
#
|
||||||
# Likewise dcerpcd personal policy
|
# Likewise dcerpcd personal policy
|
||||||
|
|
@ -134,8 +90,8 @@ corenet_udp_sendrecv_generic_port(eventlogd_t)
|
||||||
# Likewise Authentication service local policy
|
# Likewise Authentication service local policy
|
||||||
#
|
#
|
||||||
|
|
||||||
allow lsassd_t self:capability {fowner chown fsetid dac_override sys_time};
|
allow lsassd_t self:capability { fowner chown fsetid dac_override sys_time };
|
||||||
allow lsassd_t self:unix_stream_socket {create_stream_socket_perms connectto};
|
allow lsassd_t self:unix_stream_socket { create_stream_socket_perms connectto };
|
||||||
allow lsassd_t self:netlink_route_socket rw_netlink_socket_perms;
|
allow lsassd_t self:netlink_route_socket rw_netlink_socket_perms;
|
||||||
|
|
||||||
allow lsassd_t likewise_krb5_ad_t:file read_file_perms;
|
allow lsassd_t likewise_krb5_ad_t:file read_file_perms;
|
||||||
|
|
@ -152,6 +108,11 @@ stream_connect_pattern(lsassd_t, likewise_var_lib_t, lwiod_var_socket_t, lwiod_t
|
||||||
stream_connect_pattern(lsassd_t, likewise_var_lib_t, lwregd_var_socket_t, lwregd_t)
|
stream_connect_pattern(lsassd_t, likewise_var_lib_t, lwregd_var_socket_t, lwregd_t)
|
||||||
stream_connect_pattern(lsassd_t, likewise_var_lib_t, netlogond_var_socket_t, netlogond_t)
|
stream_connect_pattern(lsassd_t, likewise_var_lib_t, netlogond_var_socket_t, netlogond_t)
|
||||||
|
|
||||||
|
kernel_read_system_state(lsassd_t)
|
||||||
|
kernel_getattr_proc_files(lsassd_t)
|
||||||
|
kernel_list_all_proc(lsassd_t)
|
||||||
|
kernel_list_proc(lsassd_t)
|
||||||
|
|
||||||
corecmd_exec_bin(lsassd_t)
|
corecmd_exec_bin(lsassd_t)
|
||||||
corecmd_exec_shell(lsassd_t)
|
corecmd_exec_shell(lsassd_t)
|
||||||
|
|
||||||
|
|
@ -164,19 +125,13 @@ corenet_tcp_bind_generic_node(lsassd_t)
|
||||||
corenet_tcp_connect_epmap_port(lsassd_t)
|
corenet_tcp_connect_epmap_port(lsassd_t)
|
||||||
corenet_tcp_sendrecv_epmap_port(lsassd_t)
|
corenet_tcp_sendrecv_epmap_port(lsassd_t)
|
||||||
|
|
||||||
|
domain_obj_id_change_exemption(lsassd_t)
|
||||||
|
|
||||||
files_manage_etc_files(lsassd_t)
|
files_manage_etc_files(lsassd_t)
|
||||||
files_manage_etc_symlinks(lsassd_t)
|
files_manage_etc_symlinks(lsassd_t)
|
||||||
files_manage_etc_runtime_files(lsassd_t)
|
files_manage_etc_runtime_files(lsassd_t)
|
||||||
|
|
||||||
files_relabelto_home(lsassd_t)
|
files_relabelto_home(lsassd_t)
|
||||||
|
|
||||||
kernel_read_system_state(lsassd_t)
|
|
||||||
kernel_getattr_proc_files(lsassd_t)
|
|
||||||
kernel_list_all_proc(lsassd_t)
|
|
||||||
kernel_list_proc(lsassd_t)
|
|
||||||
|
|
||||||
domain_obj_id_change_exemption(lsassd_t)
|
|
||||||
|
|
||||||
selinux_get_fs_mount(lsassd_t)
|
selinux_get_fs_mount(lsassd_t)
|
||||||
selinux_validate_context(lsassd_t)
|
selinux_validate_context(lsassd_t)
|
||||||
|
|
||||||
|
|
@ -201,7 +156,7 @@ optional_policy(`
|
||||||
# Likewise I/O service local policy
|
# Likewise I/O service local policy
|
||||||
#
|
#
|
||||||
|
|
||||||
allow lwiod_t self:capability {fowner chown fsetid dac_override };
|
allow lwiod_t self:capability { fowner chown fsetid dac_override };
|
||||||
allow lwiod_t self:netlink_route_socket rw_netlink_socket_perms;
|
allow lwiod_t self:netlink_route_socket rw_netlink_socket_perms;
|
||||||
|
|
||||||
allow lwiod_t likewise_krb5_ad_t:file read_file_perms;
|
allow lwiod_t likewise_krb5_ad_t:file read_file_perms;
|
||||||
|
|
@ -228,11 +183,6 @@ optional_policy(`
|
||||||
kerberos_use(lwiod_t)
|
kerberos_use(lwiod_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
#################################
|
|
||||||
#
|
|
||||||
# Likewise Registry server local policy
|
|
||||||
#
|
|
||||||
|
|
||||||
#################################
|
#################################
|
||||||
#
|
#
|
||||||
# Likewise Service Manager service local policy
|
# Likewise Service Manager service local policy
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
|
|
||||||
policy_module(authlogin, 2.1.2)
|
policy_module(authlogin, 2.1.3)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue