Add support for libselinux 2.0.5 init_selinuxmnt() changes.

This commit is contained in:
Chris PeBenito 2007-02-27 17:02:35 +00:00
parent cd548f7abc
commit 86d754eed6
3 changed files with 11 additions and 1 deletions

View File

@ -1,3 +1,4 @@
- Add support for libselinux 2.0.5 init_selinuxmnt() changes.
- Patch for misc fixes to bluetooth from Dan Walsh. - Patch for misc fixes to bluetooth from Dan Walsh.
- Patch for misc fixes to kerberos from Dan Walsh. - Patch for misc fixes to kerberos from Dan Walsh.
- Patch to start deprecating usercanread attribute from Ryan Bradetich. - Patch to start deprecating usercanread attribute from Ryan Bradetich.

View File

@ -16,6 +16,15 @@
## </param> ## </param>
# #
interface(`selinux_get_fs_mount',` interface(`selinux_get_fs_mount',`
gen_require(`
type security_t;
')
# starting in libselinux 2.0.5, init_selinuxmnt() will
# attempt to short circuit by checking if SELINUXMNT
# (/selinux) is already a selinuxfs
allow $1 security_t:filesystem getattr;
# read /proc/filesystems to see if selinuxfs is supported # read /proc/filesystems to see if selinuxfs is supported
# then read /proc/self/mount to see where selinuxfs is mounted # then read /proc/self/mount to see where selinuxfs is mounted
kernel_read_system_state($1) kernel_read_system_state($1)

View File

@ -1,5 +1,5 @@
policy_module(selinux,1.2.0) policy_module(selinux,1.2.1)
######################################## ########################################
# #