From 937b2c4d91989c87022ed52eb9b8e2883806d260 Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Wed, 9 Sep 2009 09:35:37 -0400 Subject: [PATCH] nscd patch from dan. --- policy/modules/services/nscd.if | 18 ++++++++++++++++++ policy/modules/services/nscd.te | 3 ++- 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/policy/modules/services/nscd.if b/policy/modules/services/nscd.if index 3b5d2a18..beed4c56 100644 --- a/policy/modules/services/nscd.if +++ b/policy/modules/services/nscd.if @@ -234,6 +234,24 @@ interface(`nscd_run',` role $2 types nscd_t; ') +######################################## +## +## Execute the nscd server init script. +## +## +## +## Domain allowed access. +## +## +# +interface(`nscd_initrc_domtrans',` + gen_require(` + type nscd_initrc_exec_t; + ') + + init_labeled_script_domtrans($1, nscd_initrc_exec_t) +') + ######################################## ## ## All of the rules required to administrate diff --git a/policy/modules/services/nscd.te b/policy/modules/services/nscd.te index 9b509226..afbd2be2 100644 --- a/policy/modules/services/nscd.te +++ b/policy/modules/services/nscd.te @@ -1,5 +1,5 @@ -policy_module(nscd, 1.9.1) +policy_module(nscd, 1.9.2) gen_require(` class nscd all_nscd_perms; @@ -65,6 +65,7 @@ dev_read_urand(nscd_t) fs_getattr_all_fs(nscd_t) fs_search_auto_mountpoints(nscd_t) +fs_list_inotifyfs(nscd_t) # for when /etc/passwd has just been updated and has the wrong type auth_getattr_shadow(nscd_t)