rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Portreserve patch from Dan Walsh.

Browse Source
This commit is contained in:
Chris PeBenito 2010-04-05 14:50:23 -04:00
parent 38db49c545
commit b577852a98
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
policy/modules/services/portreserve.te
View File

@ -1,5 +1,5 @@
policy_module(portreserve, 1.1.0) policy_module(portreserve, 1.1.1)
######################################## ########################################
# #
@ -21,6 +21,7 @@ files_pid_file(portreserve_var_run_t)
# Portreserve local policy # Portreserve local policy
# #
allow portreserve_t self:capability { dac_read_search dac_override };
allow portreserve_t self:fifo_file rw_fifo_file_perms; allow portreserve_t self:fifo_file rw_fifo_file_perms;
allow portreserve_t self:unix_stream_socket create_stream_socket_perms; allow portreserve_t self:unix_stream_socket create_stream_socket_perms;
allow portreserve_t self:unix_dgram_socket { create_socket_perms sendto }; allow portreserve_t self:unix_dgram_socket { create_socket_perms sendto };
@ -37,6 +38,8 @@ manage_files_pattern(portreserve_t, portreserve_var_run_t, portreserve_var_run_t
manage_sock_files_pattern(portreserve_t, portreserve_var_run_t, portreserve_var_run_t) manage_sock_files_pattern(portreserve_t, portreserve_var_run_t, portreserve_var_run_t)
files_pid_filetrans(portreserve_t, portreserve_var_run_t, { file sock_file }) files_pid_filetrans(portreserve_t, portreserve_var_run_t, { file sock_file })
corecmd_getattr_bin_files(portreserve_t)
corenet_all_recvfrom_unlabeled(portreserve_t) corenet_all_recvfrom_unlabeled(portreserve_t)
corenet_all_recvfrom_netlabel(portreserve_t) corenet_all_recvfrom_netlabel(portreserve_t)
corenet_tcp_bind_generic_node(portreserve_t) corenet_tcp_bind_generic_node(portreserve_t)