- Add virt_content_ro_t and labeling for isos directory
This commit is contained in:
parent
2528660492
commit
a1833512de
@ -22405,7 +22405,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+HOME_DIR/VirtualMachines/isos(/.*)? gen_context(system_u:object_r:virt_content_t,s0)
|
+HOME_DIR/VirtualMachines/isos(/.*)? gen_context(system_u:object_r:virt_content_t,s0)
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/virt.if serefpolicy-3.6.3/policy/modules/services/virt.if
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/virt.if serefpolicy-3.6.3/policy/modules/services/virt.if
|
||||||
--- nsaserefpolicy/policy/modules/services/virt.if 2009-01-05 15:39:43.000000000 -0500
|
--- nsaserefpolicy/policy/modules/services/virt.if 2009-01-05 15:39:43.000000000 -0500
|
||||||
+++ serefpolicy-3.6.3/policy/modules/services/virt.if 2009-01-30 09:23:23.000000000 -0500
|
+++ serefpolicy-3.6.3/policy/modules/services/virt.if 2009-01-30 09:30:42.000000000 -0500
|
||||||
@@ -293,6 +293,41 @@
|
@@ -293,6 +293,41 @@
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
@ -22425,19 +22425,19 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+
|
+
|
||||||
+ virt_search_lib($1)
|
+ virt_search_lib($1)
|
||||||
+ allow $1 virt_content_t:dir list_dir_perms;
|
+ allow $1 virt_content_t:dir list_dir_perms;
|
||||||
+ read_dirs_pattern($1, virt_content_t, virt_content_t)
|
+ list_dirs_pattern($1, virt_content_t, virt_content_t)
|
||||||
+ read_files_pattern($1, virt_content_t, virt_content_t)
|
+ read_files_pattern($1, virt_content_t, virt_content_t)
|
||||||
+ read_lnk_files_pattern($1, virt_content_t, virt_content_t)
|
+ read_lnk_files_pattern($1, virt_content_t, virt_content_t)
|
||||||
+ rw_blk_files_pattern($1, virt_content_t, virt_content_t)
|
+ rw_blk_files_pattern($1, virt_content_t, virt_content_t)
|
||||||
+
|
+
|
||||||
+ tunable_policy(`virt_use_nfs',`
|
+ tunable_policy(`virt_use_nfs',`
|
||||||
+ fs_read_nfs_dirs($1)
|
+ fs_list_nfs($1)
|
||||||
+ fs_read_nfs_files($1)
|
+ fs_read_nfs_files($1)
|
||||||
+ fs_read_nfs_symlinks($1)
|
+ fs_read_nfs_symlinks($1)
|
||||||
+ ')
|
+ ')
|
||||||
+
|
+
|
||||||
+ tunable_policy(`virt_use_samba',`
|
+ tunable_policy(`virt_use_samba',`
|
||||||
+ fs_read_nfs_files($1)
|
+ fs_list_cifs($1)
|
||||||
+ fs_read_cifs_files($1)
|
+ fs_read_cifs_files($1)
|
||||||
+ fs_read_cifs_symlinks($1)
|
+ fs_read_cifs_symlinks($1)
|
||||||
+ ')
|
+ ')
|
||||||
|
Loading…
Reference in New Issue
Block a user