- Merge upstream fix of mmap_zero
- Allow mount to write files in debugfs_t - Allow corosync to communicate with clvmd via tmpfs - Allow certmaster to read usr_t files - Allow dbus system services to search cgroup_t - Define rlogind_t as a login pgm
This commit is contained in:
parent
482c9f3ad9
commit
c8bf6aa460
@ -6767,34 +6767,10 @@ index 0440b4c..e10101a 100644
|
|||||||
+ allow $1 wine_t:shm rw_shm_perms;
|
+ allow $1 wine_t:shm rw_shm_perms;
|
||||||
+')
|
+')
|
||||||
diff --git a/policy/modules/apps/wine.te b/policy/modules/apps/wine.te
|
diff --git a/policy/modules/apps/wine.te b/policy/modules/apps/wine.te
|
||||||
index f9a123a..40cbebb 100644
|
index f9a123a..277543a 100644
|
||||||
--- a/policy/modules/apps/wine.te
|
--- a/policy/modules/apps/wine.te
|
||||||
+++ b/policy/modules/apps/wine.te
|
+++ b/policy/modules/apps/wine.te
|
||||||
@@ -1,5 +1,13 @@
|
@@ -51,7 +51,11 @@ optional_policy(`
|
||||||
policy_module(wine, 1.7.2)
|
|
||||||
|
|
||||||
+## <desc>
|
|
||||||
+## <p>
|
|
||||||
+## Ignore wine mmap_zero errors
|
|
||||||
+## </p>
|
|
||||||
+## </desc>
|
|
||||||
+#
|
|
||||||
+gen_tunable(wine_mmap_zero_ignore, false)
|
|
||||||
+
|
|
||||||
########################################
|
|
||||||
#
|
|
||||||
# Declarations
|
|
||||||
@@ -37,6 +45,9 @@ manage_files_pattern(wine_t, wine_tmp_t, wine_tmp_t)
|
|
||||||
files_tmp_filetrans(wine_t, wine_tmp_t, { file dir })
|
|
||||||
|
|
||||||
domain_mmap_low(wine_t)
|
|
||||||
+tunable_policy(`wine_mmap_zero_ignore',`
|
|
||||||
+ dontaudit wine_t self:memprotect mmap_zero;
|
|
||||||
+')
|
|
||||||
|
|
||||||
files_execmod_all_files(wine_t)
|
|
||||||
|
|
||||||
@@ -51,7 +62,11 @@ optional_policy(`
|
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
|
Loading…
Reference in New Issue
Block a user