- Fix sysnet/net_conf_t
This commit is contained in:
parent
81794767c6
commit
8c2b68a3e1
@ -28096,7 +28096,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
+/etc/firestarter/firestarter\.sh gen_context(system_u:object_r:dhcpc_helper_exec_t,s0)
|
||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.if serefpolicy-3.6.6/policy/modules/system/sysnetwork.if
|
||||
--- nsaserefpolicy/policy/modules/system/sysnetwork.if 2009-01-19 11:07:34.000000000 -0500
|
||||
+++ serefpolicy-3.6.6/policy/modules/system/sysnetwork.if 2009-02-16 17:51:03.000000000 -0500
|
||||
+++ serefpolicy-3.6.6/policy/modules/system/sysnetwork.if 2009-02-17 11:02:02.000000000 -0500
|
||||
@@ -43,6 +43,39 @@
|
||||
|
||||
sysnet_domtrans_dhcpc($1)
|
||||
@ -28173,16 +28173,17 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
')
|
||||
|
||||
#######################################
|
||||
@@ -323,7 +374,7 @@
|
||||
@@ -323,7 +374,8 @@
|
||||
type net_conf_t;
|
||||
')
|
||||
|
||||
- allow $1 net_conf_t:file manage_file_perms;
|
||||
+ allow $1 net_conf_t:dir list_dir_perms;
|
||||
+ manage_files_pattern($1, net_conf_t, net_conf_t)
|
||||
')
|
||||
|
||||
#######################################
|
||||
@@ -541,6 +592,7 @@
|
||||
@@ -541,6 +593,7 @@
|
||||
type net_conf_t;
|
||||
')
|
||||
|
||||
@ -28190,7 +28191,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
allow $1 self:tcp_socket create_socket_perms;
|
||||
allow $1 self:udp_socket create_socket_perms;
|
||||
|
||||
@@ -557,6 +609,14 @@
|
||||
@@ -557,6 +610,14 @@
|
||||
|
||||
files_search_etc($1)
|
||||
allow $1 net_conf_t:file read_file_perms;
|
||||
@ -28205,7 +28206,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
')
|
||||
|
||||
########################################
|
||||
@@ -586,6 +646,8 @@
|
||||
@@ -586,6 +647,8 @@
|
||||
|
||||
files_search_etc($1)
|
||||
allow $1 net_conf_t:file read_file_perms;
|
||||
@ -28214,7 +28215,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
')
|
||||
|
||||
########################################
|
||||
@@ -620,3 +682,49 @@
|
||||
@@ -620,3 +683,49 @@
|
||||
files_search_etc($1)
|
||||
allow $1 net_conf_t:file read_file_perms;
|
||||
')
|
||||
@ -28266,7 +28267,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
+')
|
||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.te serefpolicy-3.6.6/policy/modules/system/sysnetwork.te
|
||||
--- nsaserefpolicy/policy/modules/system/sysnetwork.te 2009-01-19 11:07:34.000000000 -0500
|
||||
+++ serefpolicy-3.6.6/policy/modules/system/sysnetwork.te 2009-02-16 17:27:59.000000000 -0500
|
||||
+++ serefpolicy-3.6.6/policy/modules/system/sysnetwork.te 2009-02-17 11:14:42.000000000 -0500
|
||||
@@ -20,6 +20,9 @@
|
||||
init_daemon_domain(dhcpc_t,dhcpc_exec_t)
|
||||
role system_r types dhcpc_t;
|
||||
@ -28304,6 +28305,15 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
manage_files_pattern(dhcpc_t,dhcpc_state_t,dhcpc_state_t)
|
||||
filetrans_pattern(dhcpc_t,dhcp_state_t,dhcpc_state_t,file)
|
||||
|
||||
@@ -65,7 +69,7 @@
|
||||
|
||||
# Allow read/write to /etc/resolv.conf and /etc/ntp.conf. Note that any files
|
||||
# in /etc created by dhcpcd will be labelled net_conf_t.
|
||||
-allow dhcpc_t net_conf_t:file manage_file_perms;
|
||||
+sysnet_manage_config(dhcpc_t)
|
||||
files_etc_filetrans(dhcpc_t,net_conf_t,file)
|
||||
|
||||
# create temp files
|
||||
@@ -116,7 +120,7 @@
|
||||
corecmd_exec_shell(dhcpc_t)
|
||||
|
||||
|
@ -20,7 +20,7 @@
|
||||
Summary: SELinux policy configuration
|
||||
Name: selinux-policy
|
||||
Version: 3.6.6
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
License: GPLv2+
|
||||
Group: System Environment/Base
|
||||
Source: serefpolicy-%{version}.tgz
|
||||
@ -444,6 +444,9 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Tue Feb 17 2009 Dan Walsh <dwalsh@redhat.com> 3.6.6-3
|
||||
- Fix sysnet/net_conf_t
|
||||
|
||||
* Tue Feb 17 2009 Dan Walsh <dwalsh@redhat.com> 3.6.6-2
|
||||
- Fix squidGuard labeling
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user