Use permission sets where possible.

This commit is contained in:
Dominick Grift 2010-09-23 14:33:26 +02:00
parent cefe9f9919
commit ac5201ecde

View File

@ -137,7 +137,7 @@ allow pyzord_t pyzor_etc_t:dir list_dir_perms;
can_exec(pyzord_t, pyzor_exec_t) can_exec(pyzord_t, pyzor_exec_t)
manage_files_pattern(pyzord_t, pyzord_log_t, pyzord_log_t) manage_files_pattern(pyzord_t, pyzord_log_t, pyzord_log_t)
allow pyzord_t pyzord_log_t:dir setattr; allow pyzord_t pyzord_log_t:dir setattr_dir_perms;
logging_log_filetrans(pyzord_t, pyzord_log_t, { file dir }) logging_log_filetrans(pyzord_t, pyzord_log_t, { file dir })
kernel_read_kernel_sysctls(pyzord_t) kernel_read_kernel_sysctls(pyzord_t)