rpms
/
selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Remove duplicate declaration in ABRT

This commit is contained in:
Miroslav Grepl 2011-07-12 10:47:58 +02:00
parent 40468c4016
commit 9cf29c17e3
1 changed files with 16 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
policy-F16.patch
View File

@ -18974,7 +18974,7 @@ index 0b827c5..7382308 100644
+ read_lnk_files_pattern($1, abrt_retrace_cache_t, abrt_retrace_cache_t)
+')
diff --git a/policy/modules/services/abrt.te b/policy/modules/services/abrt.te
index 30861ec..a7f44c9 100644
index 30861ec..ffe6d41 100644
--- a/policy/modules/services/abrt.te
+++ b/policy/modules/services/abrt.te
@@ -5,6 +5,14 @@ policy_module(abrt, 1.2.0)
@ -18992,14 +18992,7 @@ index 30861ec..a7f44c9 100644
type abrt_t;
type abrt_exec_t;
init_daemon_domain(abrt_t, abrt_exec_t)
@@ -37,20 +45,44 @@ files_pid_file(abrt_var_run_t)
type abrt_helper_t;
type abrt_helper_exec_t;
application_domain(abrt_helper_t, abrt_helper_exec_t)
+init_system_domain(abrt_helper_t, abrt_helper_exec_t)
role system_r types abrt_helper_t;
ifdef(`enable_mcs',`
@@ -43,14 +51,37 @@ ifdef(`enable_mcs',`
init_ranged_daemon_domain(abrt_t, abrt_exec_t, s0 - mcs_systemhigh)
')
@ -19039,7 +19032,7 @@ index 30861ec..a7f44c9 100644
allow abrt_t self:fifo_file rw_fifo_file_perms;
allow abrt_t self:tcp_socket create_stream_socket_perms;
@@ -59,6 +91,7 @@ allow abrt_t self:unix_dgram_socket create_socket_perms;
@@ -59,6 +90,7 @@ allow abrt_t self:unix_dgram_socket create_socket_perms;
allow abrt_t self:netlink_route_socket r_netlink_socket_perms;
# abrt etc files
@ -19047,7 +19040,7 @@ index 30861ec..a7f44c9 100644
rw_files_pattern(abrt_t, abrt_etc_t, abrt_etc_t)
# log file
@@ -69,6 +102,7 @@ logging_log_filetrans(abrt_t, abrt_var_log_t, file)
@@ -69,6 +101,7 @@ logging_log_filetrans(abrt_t, abrt_var_log_t, file)
manage_dirs_pattern(abrt_t, abrt_tmp_t, abrt_tmp_t)
manage_files_pattern(abrt_t, abrt_tmp_t, abrt_tmp_t)
files_tmp_filetrans(abrt_t, abrt_tmp_t, { file dir })
@ -19055,7 +19048,7 @@ index 30861ec..a7f44c9 100644
# abrt var/cache files
manage_files_pattern(abrt_t, abrt_var_cache_t, abrt_var_cache_t)
@@ -82,7 +116,7 @@ manage_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t)
@@ -82,7 +115,7 @@ manage_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t)
manage_dirs_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t)
manage_sock_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t)
manage_lnk_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t)
@ -19064,7 +19057,7 @@ index 30861ec..a7f44c9 100644
kernel_read_ring_buffer(abrt_t)
kernel_read_system_state(abrt_t)
@@ -104,6 +138,7 @@ corenet_tcp_connect_all_ports(abrt_t)
@@ -104,6 +137,7 @@ corenet_tcp_connect_all_ports(abrt_t)
corenet_sendrecv_http_client_packets(abrt_t)
dev_getattr_all_chr_files(abrt_t)
@ -19072,7 +19065,7 @@ index 30861ec..a7f44c9 100644
dev_read_urand(abrt_t)
dev_rw_sysfs(abrt_t)
dev_dontaudit_read_raw_memory(abrt_t)
@@ -113,7 +148,8 @@ domain_read_all_domains_state(abrt_t)
@@ -113,7 +147,8 @@ domain_read_all_domains_state(abrt_t)
domain_signull_all_domains(abrt_t)
files_getattr_all_files(abrt_t)
@ -19082,7 +19075,7 @@ index 30861ec..a7f44c9 100644
files_read_var_symlinks(abrt_t)
files_read_var_lib_files(abrt_t)
files_read_usr_files(abrt_t)
@@ -121,6 +157,8 @@ files_read_generic_tmp_files(abrt_t)
@@ -121,6 +156,8 @@ files_read_generic_tmp_files(abrt_t)
files_read_kernel_modules(abrt_t)
files_dontaudit_list_default(abrt_t)
files_dontaudit_read_default_files(abrt_t)
@ -19091,7 +19084,7 @@ index 30861ec..a7f44c9 100644
fs_list_inotifyfs(abrt_t)
fs_getattr_all_fs(abrt_t)
@@ -131,7 +169,7 @@ fs_read_nfs_files(abrt_t)
@@ -131,7 +168,7 @@ fs_read_nfs_files(abrt_t)
fs_read_nfs_symlinks(abrt_t)
fs_search_all(abrt_t)
@ -19100,7 +19093,7 @@ index 30861ec..a7f44c9 100644
logging_read_generic_logs(abrt_t)
logging_send_syslog_msg(abrt_t)
@@ -140,6 +178,16 @@ miscfiles_read_generic_certs(abrt_t)
@@ -140,6 +177,16 @@ miscfiles_read_generic_certs(abrt_t)
miscfiles_read_localization(abrt_t)
userdom_dontaudit_read_user_home_content_files(abrt_t)
@ -19117,7 +19110,7 @@ index 30861ec..a7f44c9 100644
optional_policy(`
dbus_system_domain(abrt_t, abrt_exec_t)
@@ -150,6 +198,11 @@ optional_policy(`
@@ -150,6 +197,11 @@ optional_policy(`
')
optional_policy(`
@ -19129,7 +19122,7 @@ index 30861ec..a7f44c9 100644
policykit_dbus_chat(abrt_t)
policykit_domtrans_auth(abrt_t)
policykit_read_lib(abrt_t)
@@ -167,6 +220,7 @@ optional_policy(`
@@ -167,6 +219,7 @@ optional_policy(`
rpm_exec(abrt_t)
rpm_dontaudit_manage_db(abrt_t)
rpm_manage_cache(abrt_t)
@ -19137,7 +19130,7 @@ index 30861ec..a7f44c9 100644
rpm_manage_pid_files(abrt_t)
rpm_read_db(abrt_t)
rpm_signull(abrt_t)
@@ -178,12 +232,18 @@ optional_policy(`
@@ -178,12 +231,18 @@ optional_policy(`
')
optional_policy(`
@ -19157,7 +19150,7 @@ index 30861ec..a7f44c9 100644
#
allow abrt_helper_t self:capability { chown setgid sys_nice };
@@ -200,9 +260,12 @@ files_var_filetrans(abrt_helper_t, abrt_var_cache_t, { file dir })
@@ -200,9 +259,12 @@ files_var_filetrans(abrt_helper_t, abrt_var_cache_t, { file dir })
read_files_pattern(abrt_helper_t, abrt_var_run_t, abrt_var_run_t)
read_lnk_files_pattern(abrt_helper_t, abrt_var_run_t, abrt_var_run_t)
@ -19170,7 +19163,7 @@ index 30861ec..a7f44c9 100644
fs_list_inotifyfs(abrt_helper_t)
fs_getattr_all_fs(abrt_helper_t)
@@ -216,7 +279,8 @@ miscfiles_read_localization(abrt_helper_t)
@@ -216,7 +278,8 @@ miscfiles_read_localization(abrt_helper_t)
term_dontaudit_use_all_ttys(abrt_helper_t)
term_dontaudit_use_all_ptys(abrt_helper_t)
@ -19180,7 +19173,7 @@ index 30861ec..a7f44c9 100644
userdom_dontaudit_read_user_home_content_files(abrt_helper_t)
userdom_dontaudit_read_user_tmp_files(abrt_helper_t)
dev_dontaudit_read_all_blk_files(abrt_helper_t)
@@ -224,4 +288,100 @@ ifdef(`hide_broken_symptoms', `
@@ -224,4 +287,100 @@ ifdef(`hide_broken_symptoms', `
dev_dontaudit_write_all_chr_files(abrt_helper_t)
dev_dontaudit_write_all_blk_files(abrt_helper_t)
fs_dontaudit_rw_anon_inodefs_files(abrt_helper_t)