- Fix sysnet/net_conf_t
This commit is contained in:
parent
81794767c6
commit
8c2b68a3e1
|
@ -28096,7 +28096,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||||
+/etc/firestarter/firestarter\.sh gen_context(system_u:object_r:dhcpc_helper_exec_t,s0)
|
+/etc/firestarter/firestarter\.sh gen_context(system_u:object_r:dhcpc_helper_exec_t,s0)
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.if serefpolicy-3.6.6/policy/modules/system/sysnetwork.if
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.if serefpolicy-3.6.6/policy/modules/system/sysnetwork.if
|
||||||
--- nsaserefpolicy/policy/modules/system/sysnetwork.if 2009-01-19 11:07:34.000000000 -0500
|
--- nsaserefpolicy/policy/modules/system/sysnetwork.if 2009-01-19 11:07:34.000000000 -0500
|
||||||
+++ serefpolicy-3.6.6/policy/modules/system/sysnetwork.if 2009-02-16 17:51:03.000000000 -0500
|
+++ serefpolicy-3.6.6/policy/modules/system/sysnetwork.if 2009-02-17 11:02:02.000000000 -0500
|
||||||
@@ -43,6 +43,39 @@
|
@@ -43,6 +43,39 @@
|
||||||
|
|
||||||
sysnet_domtrans_dhcpc($1)
|
sysnet_domtrans_dhcpc($1)
|
||||||
|
@ -28173,16 +28173,17 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||||
')
|
')
|
||||||
|
|
||||||
#######################################
|
#######################################
|
||||||
@@ -323,7 +374,7 @@
|
@@ -323,7 +374,8 @@
|
||||||
type net_conf_t;
|
type net_conf_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
- allow $1 net_conf_t:file manage_file_perms;
|
- allow $1 net_conf_t:file manage_file_perms;
|
||||||
|
+ allow $1 net_conf_t:dir list_dir_perms;
|
||||||
+ manage_files_pattern($1, net_conf_t, net_conf_t)
|
+ manage_files_pattern($1, net_conf_t, net_conf_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
#######################################
|
#######################################
|
||||||
@@ -541,6 +592,7 @@
|
@@ -541,6 +593,7 @@
|
||||||
type net_conf_t;
|
type net_conf_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
|
@ -28190,7 +28191,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||||
allow $1 self:tcp_socket create_socket_perms;
|
allow $1 self:tcp_socket create_socket_perms;
|
||||||
allow $1 self:udp_socket create_socket_perms;
|
allow $1 self:udp_socket create_socket_perms;
|
||||||
|
|
||||||
@@ -557,6 +609,14 @@
|
@@ -557,6 +610,14 @@
|
||||||
|
|
||||||
files_search_etc($1)
|
files_search_etc($1)
|
||||||
allow $1 net_conf_t:file read_file_perms;
|
allow $1 net_conf_t:file read_file_perms;
|
||||||
|
@ -28205,7 +28206,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||||
')
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
@@ -586,6 +646,8 @@
|
@@ -586,6 +647,8 @@
|
||||||
|
|
||||||
files_search_etc($1)
|
files_search_etc($1)
|
||||||
allow $1 net_conf_t:file read_file_perms;
|
allow $1 net_conf_t:file read_file_perms;
|
||||||
|
@ -28214,7 +28215,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||||
')
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
@@ -620,3 +682,49 @@
|
@@ -620,3 +683,49 @@
|
||||||
files_search_etc($1)
|
files_search_etc($1)
|
||||||
allow $1 net_conf_t:file read_file_perms;
|
allow $1 net_conf_t:file read_file_perms;
|
||||||
')
|
')
|
||||||
|
@ -28266,7 +28267,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||||
+')
|
+')
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.te serefpolicy-3.6.6/policy/modules/system/sysnetwork.te
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.te serefpolicy-3.6.6/policy/modules/system/sysnetwork.te
|
||||||
--- nsaserefpolicy/policy/modules/system/sysnetwork.te 2009-01-19 11:07:34.000000000 -0500
|
--- nsaserefpolicy/policy/modules/system/sysnetwork.te 2009-01-19 11:07:34.000000000 -0500
|
||||||
+++ serefpolicy-3.6.6/policy/modules/system/sysnetwork.te 2009-02-16 17:27:59.000000000 -0500
|
+++ serefpolicy-3.6.6/policy/modules/system/sysnetwork.te 2009-02-17 11:14:42.000000000 -0500
|
||||||
@@ -20,6 +20,9 @@
|
@@ -20,6 +20,9 @@
|
||||||
init_daemon_domain(dhcpc_t,dhcpc_exec_t)
|
init_daemon_domain(dhcpc_t,dhcpc_exec_t)
|
||||||
role system_r types dhcpc_t;
|
role system_r types dhcpc_t;
|
||||||
|
@ -28304,6 +28305,15 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||||
manage_files_pattern(dhcpc_t,dhcpc_state_t,dhcpc_state_t)
|
manage_files_pattern(dhcpc_t,dhcpc_state_t,dhcpc_state_t)
|
||||||
filetrans_pattern(dhcpc_t,dhcp_state_t,dhcpc_state_t,file)
|
filetrans_pattern(dhcpc_t,dhcp_state_t,dhcpc_state_t,file)
|
||||||
|
|
||||||
|
@@ -65,7 +69,7 @@
|
||||||
|
|
||||||
|
# Allow read/write to /etc/resolv.conf and /etc/ntp.conf. Note that any files
|
||||||
|
# in /etc created by dhcpcd will be labelled net_conf_t.
|
||||||
|
-allow dhcpc_t net_conf_t:file manage_file_perms;
|
||||||
|
+sysnet_manage_config(dhcpc_t)
|
||||||
|
files_etc_filetrans(dhcpc_t,net_conf_t,file)
|
||||||
|
|
||||||
|
# create temp files
|
||||||
@@ -116,7 +120,7 @@
|
@@ -116,7 +120,7 @@
|
||||||
corecmd_exec_shell(dhcpc_t)
|
corecmd_exec_shell(dhcpc_t)
|
||||||
|
|
||||||
|
|
|
@ -20,7 +20,7 @@
|
||||||
Summary: SELinux policy configuration
|
Summary: SELinux policy configuration
|
||||||
Name: selinux-policy
|
Name: selinux-policy
|
||||||
Version: 3.6.6
|
Version: 3.6.6
|
||||||
Release: 2%{?dist}
|
Release: 3%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Source: serefpolicy-%{version}.tgz
|
Source: serefpolicy-%{version}.tgz
|
||||||
|
@ -444,6 +444,9 @@ exit 0
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Feb 17 2009 Dan Walsh <dwalsh@redhat.com> 3.6.6-3
|
||||||
|
- Fix sysnet/net_conf_t
|
||||||
|
|
||||||
* Tue Feb 17 2009 Dan Walsh <dwalsh@redhat.com> 3.6.6-2
|
* Tue Feb 17 2009 Dan Walsh <dwalsh@redhat.com> 3.6.6-2
|
||||||
- Fix squidGuard labeling
|
- Fix squidGuard labeling
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue