rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix merge

Browse Source
This commit is contained in:
Miroslav Grepl 2011-01-17 18:52:38 +00:00
parent 86b1f12f92
commit 9267e7053f
1 changed files with 9 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
policy-F15.patch
View File

@ -31197,7 +31197,7 @@ index 7257526..7d73656 100644
manage_files_pattern(postfix_policyd_t, postfix_policyd_var_run_t, postfix_policyd_var_run_t) manage_files_pattern(postfix_policyd_t, postfix_policyd_var_run_t, postfix_policyd_var_run_t)
files_pid_filetrans(postfix_policyd_t, postfix_policyd_var_run_t, file) files_pid_filetrans(postfix_policyd_t, postfix_policyd_var_run_t, file)
diff --git a/policy/modules/services/postgresql.if b/policy/modules/services/postgresql.if diff --git a/policy/modules/services/postgresql.if b/policy/modules/services/postgresql.if
index 09aeffa..12d4432 100644 index 09aeffa..dd70b14 100644
--- a/policy/modules/services/postgresql.if --- a/policy/modules/services/postgresql.if
+++ b/policy/modules/services/postgresql.if +++ b/policy/modules/services/postgresql.if
@@ -10,7 +10,7 @@ @@ -10,7 +10,7 @@
@ -31289,38 +31289,23 @@ index 09aeffa..12d4432 100644
') ')
######################################## ########################################
@@ -459,6 +458,8 @@ interface(`postgresql_unpriv_client',` @@ -468,6 +467,7 @@ interface(`postgresql_unpriv_client',`
type_transition $1 sepgsql_trusted_proc_exec_t:process sepgsql_trusted_proc_t; allow $1 unpriv_sepgsql_view_t:db_view { create drop setattr };
allow $1 sepgsql_trusted_proc_t:process transition; allow $1 unpriv_sepgsql_proc_exec_t:db_procedure { create drop setattr };
')
+<<<<<<< .merge_file_hr5C3y +
+=======
tunable_policy(`sepgsql_enable_users_ddl',`
allow $1 unpriv_sepgsql_schema_t:db_schema { create drop setattr };
allow $1 unpriv_sepgsql_table_t:db_table { create drop setattr };
@@ -471,6 +472,7 @@ interface(`postgresql_unpriv_client',`
allow $1 unpriv_sepgsql_schema_t:db_schema { getattr add_name remove_name }; allow $1 unpriv_sepgsql_schema_t:db_schema { getattr add_name remove_name };
type_transition $1 sepgsql_database_type:db_schema unpriv_sepgsql_schema_t; type_transition $1 sepgsql_database_type:db_schema unpriv_sepgsql_schema_t;
+>>>>>>> .merge_file_bHSs2v @@ -492,6 +492,7 @@ interface(`postgresql_unpriv_client',`
allow $1 unpriv_sepgsql_table_t:db_table { getattr use select update insert delete lock };
allow $1 unpriv_sepgsql_table_t:db_column { getattr use select update insert };
allow $1 unpriv_sepgsql_table_t:db_tuple { use select update insert delete };
@@ -492,6 +494,13 @@ interface(`postgresql_unpriv_client',`
allow $1 unpriv_sepgsql_blob_t:db_blob { create drop getattr setattr read write import export }; allow $1 unpriv_sepgsql_blob_t:db_blob { create drop getattr setattr read write import export };
type_transition $1 sepgsql_database_type:db_blob unpriv_sepgsql_blob_t; type_transition $1 sepgsql_database_type:db_blob unpriv_sepgsql_blob_t;
+ +
+ tunable_policy(`sepgsql_enable_users_ddl',`
+ allow $1 unpriv_sepgsql_table_t:db_table { create drop setattr };
+ allow $1 unpriv_sepgsql_table_t:db_column { create drop setattr };
+ allow $1 unpriv_sepgsql_sysobj_t:db_tuple { update insert delete };
+ allow $1 unpriv_sepgsql_proc_exec_t:db_procedure { create drop setattr };
+ ')
') ')
######################################## ########################################
@@ -531,13 +540,10 @@ interface(`postgresql_unconfined',` @@ -531,13 +532,10 @@ interface(`postgresql_unconfined',`
# #
interface(`postgresql_admin',` interface(`postgresql_admin',`
gen_require(` gen_require(`
@ -31338,7 +31323,7 @@ index 09aeffa..12d4432 100644
') ')
typeattribute $1 sepgsql_admin_type; typeattribute $1 sepgsql_admin_type;
@@ -550,14 +556,19 @@ interface(`postgresql_admin',` @@ -550,14 +548,19 @@ interface(`postgresql_admin',`
role_transition $2 postgresql_initrc_exec_t system_r; role_transition $2 postgresql_initrc_exec_t system_r;
allow $2 system_r; allow $2 system_r;