- Allow rpcd_t to stream connect to rpcbind
This commit is contained in:
parent
9850f4d30d
commit
d399fb4d25
156
policy-F12.patch
156
policy-F12.patch
@ -1657,8 +1657,8 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+
|
+
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/cpufreqselector.te serefpolicy-3.6.18/policy/modules/apps/cpufreqselector.te
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/cpufreqselector.te serefpolicy-3.6.18/policy/modules/apps/cpufreqselector.te
|
||||||
--- nsaserefpolicy/policy/modules/apps/cpufreqselector.te 1969-12-31 19:00:00.000000000 -0500
|
--- nsaserefpolicy/policy/modules/apps/cpufreqselector.te 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ serefpolicy-3.6.18/policy/modules/apps/cpufreqselector.te 2009-06-20 06:49:47.000000000 -0400
|
+++ serefpolicy-3.6.18/policy/modules/apps/cpufreqselector.te 2009-06-24 16:19:52.000000000 -0400
|
||||||
@@ -0,0 +1,42 @@
|
@@ -0,0 +1,43 @@
|
||||||
+policy_module(cpufreqselector,1.0.0)
|
+policy_module(cpufreqselector,1.0.0)
|
||||||
+
|
+
|
||||||
+########################################
|
+########################################
|
||||||
@ -1695,6 +1695,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+')
|
+')
|
||||||
+
|
+
|
||||||
+optional_policy(`
|
+optional_policy(`
|
||||||
|
+ polkit_dbus_chat(cpufreqselector_t)
|
||||||
+ polkit_domtrans_auth(cpufreqselector_t)
|
+ polkit_domtrans_auth(cpufreqselector_t)
|
||||||
+ polkit_read_lib(cpufreqselector_t)
|
+ polkit_read_lib(cpufreqselector_t)
|
||||||
+ polkit_read_reload(cpufreqselector_t)
|
+ polkit_read_reload(cpufreqselector_t)
|
||||||
@ -2057,7 +2058,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+')
|
+')
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gnome.te serefpolicy-3.6.18/policy/modules/apps/gnome.te
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gnome.te serefpolicy-3.6.18/policy/modules/apps/gnome.te
|
||||||
--- nsaserefpolicy/policy/modules/apps/gnome.te 2008-11-11 16:13:42.000000000 -0500
|
--- nsaserefpolicy/policy/modules/apps/gnome.te 2008-11-11 16:13:42.000000000 -0500
|
||||||
+++ serefpolicy-3.6.18/policy/modules/apps/gnome.te 2009-06-20 06:49:47.000000000 -0400
|
+++ serefpolicy-3.6.18/policy/modules/apps/gnome.te 2009-06-24 16:20:30.000000000 -0400
|
||||||
@@ -9,16 +9,18 @@
|
@@ -9,16 +9,18 @@
|
||||||
attribute gnomedomain;
|
attribute gnomedomain;
|
||||||
|
|
||||||
@ -2096,7 +2097,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
##############################
|
##############################
|
||||||
#
|
#
|
||||||
# Local Policy
|
# Local Policy
|
||||||
@@ -73,3 +84,87 @@
|
@@ -73,3 +84,89 @@
|
||||||
xserver_use_xdm_fds(gconfd_t)
|
xserver_use_xdm_fds(gconfd_t)
|
||||||
xserver_rw_xdm_pipes(gconfd_t)
|
xserver_rw_xdm_pipes(gconfd_t)
|
||||||
')
|
')
|
||||||
@ -2138,6 +2139,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+
|
+
|
||||||
+optional_policy(`
|
+optional_policy(`
|
||||||
+ polkit_domtrans_auth(gconfdefaultsm_t)
|
+ polkit_domtrans_auth(gconfdefaultsm_t)
|
||||||
|
+ polkit_dbus_chat(gconfdefaultsm_t)
|
||||||
+ polkit_read_lib(gconfdefaultsm_t)
|
+ polkit_read_lib(gconfdefaultsm_t)
|
||||||
+ polkit_read_reload(gconfdefaultsm_t)
|
+ polkit_read_reload(gconfdefaultsm_t)
|
||||||
+')
|
+')
|
||||||
@ -2177,6 +2179,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+')
|
+')
|
||||||
+
|
+
|
||||||
+optional_policy(`
|
+optional_policy(`
|
||||||
|
+ polkit_dbus_chat(gnomesystemmm_t)
|
||||||
+ polkit_domtrans_auth(gnomesystemmm_t)
|
+ polkit_domtrans_auth(gnomesystemmm_t)
|
||||||
+ polkit_read_lib(gnomesystemmm_t)
|
+ polkit_read_lib(gnomesystemmm_t)
|
||||||
+ polkit_read_reload(gnomesystemmm_t)
|
+ polkit_read_reload(gnomesystemmm_t)
|
||||||
@ -3915,8 +3918,8 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+')
|
+')
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/pulseaudio.te serefpolicy-3.6.18/policy/modules/apps/pulseaudio.te
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/pulseaudio.te serefpolicy-3.6.18/policy/modules/apps/pulseaudio.te
|
||||||
--- nsaserefpolicy/policy/modules/apps/pulseaudio.te 1969-12-31 19:00:00.000000000 -0500
|
--- nsaserefpolicy/policy/modules/apps/pulseaudio.te 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ serefpolicy-3.6.18/policy/modules/apps/pulseaudio.te 2009-06-20 06:49:47.000000000 -0400
|
+++ serefpolicy-3.6.18/policy/modules/apps/pulseaudio.te 2009-06-24 16:20:06.000000000 -0400
|
||||||
@@ -0,0 +1,111 @@
|
@@ -0,0 +1,112 @@
|
||||||
+policy_module(pulseaudio,1.0.0)
|
+policy_module(pulseaudio,1.0.0)
|
||||||
+
|
+
|
||||||
+########################################
|
+########################################
|
||||||
@ -4004,6 +4007,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+')
|
+')
|
||||||
+
|
+
|
||||||
+optional_policy(`
|
+optional_policy(`
|
||||||
|
+ polkit_dbus_chat(pulseaudio_t)
|
||||||
+ polkit_domtrans_auth(pulseaudio_t)
|
+ polkit_domtrans_auth(pulseaudio_t)
|
||||||
+ polkit_read_lib(pulseaudio_t)
|
+ polkit_read_lib(pulseaudio_t)
|
||||||
+ polkit_read_reload(pulseaudio_t)
|
+ polkit_read_reload(pulseaudio_t)
|
||||||
@ -10698,7 +10702,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+
|
+
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/consolekit.te serefpolicy-3.6.18/policy/modules/services/consolekit.te
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/consolekit.te serefpolicy-3.6.18/policy/modules/services/consolekit.te
|
||||||
--- nsaserefpolicy/policy/modules/services/consolekit.te 2009-05-21 08:43:08.000000000 -0400
|
--- nsaserefpolicy/policy/modules/services/consolekit.te 2009-05-21 08:43:08.000000000 -0400
|
||||||
+++ serefpolicy-3.6.18/policy/modules/services/consolekit.te 2009-06-20 06:49:47.000000000 -0400
|
+++ serefpolicy-3.6.18/policy/modules/services/consolekit.te 2009-06-24 16:21:56.000000000 -0400
|
||||||
@@ -11,7 +11,7 @@
|
@@ -11,7 +11,7 @@
|
||||||
init_daemon_domain(consolekit_t, consolekit_exec_t)
|
init_daemon_domain(consolekit_t, consolekit_exec_t)
|
||||||
|
|
||||||
@ -10748,10 +10752,11 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
hal_dbus_chat(consolekit_t)
|
hal_dbus_chat(consolekit_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
@@ -97,11 +106,27 @@
|
@@ -97,11 +106,28 @@
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
|
+ polkit_dbus_chat(consolekit_t)
|
||||||
+ polkit_domtrans_auth(consolekit_t)
|
+ polkit_domtrans_auth(consolekit_t)
|
||||||
+ polkit_read_lib(consolekit_t)
|
+ polkit_read_lib(consolekit_t)
|
||||||
+ polkit_read_reload(consolekit_t)
|
+ polkit_read_reload(consolekit_t)
|
||||||
@ -12400,7 +12405,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+')
|
+')
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.te serefpolicy-3.6.18/policy/modules/services/dbus.te
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.te serefpolicy-3.6.18/policy/modules/services/dbus.te
|
||||||
--- nsaserefpolicy/policy/modules/services/dbus.te 2009-01-19 11:06:49.000000000 -0500
|
--- nsaserefpolicy/policy/modules/services/dbus.te 2009-01-19 11:06:49.000000000 -0500
|
||||||
+++ serefpolicy-3.6.18/policy/modules/services/dbus.te 2009-06-20 06:49:47.000000000 -0400
|
+++ serefpolicy-3.6.18/policy/modules/services/dbus.te 2009-06-24 16:21:42.000000000 -0400
|
||||||
@@ -9,14 +9,15 @@
|
@@ -9,14 +9,15 @@
|
||||||
#
|
#
|
||||||
# Delcarations
|
# Delcarations
|
||||||
@ -12495,7 +12500,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
logging_send_audit_msgs(system_dbusd_t)
|
logging_send_audit_msgs(system_dbusd_t)
|
||||||
logging_send_syslog_msg(system_dbusd_t)
|
logging_send_syslog_msg(system_dbusd_t)
|
||||||
@@ -128,9 +149,38 @@
|
@@ -128,9 +149,39 @@
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@ -12507,6 +12512,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+')
|
+')
|
||||||
+
|
+
|
||||||
+optional_policy(`
|
+optional_policy(`
|
||||||
|
+ polkit_dbus_chat(system_dbusd_t)
|
||||||
+ polkit_domtrans_auth(system_dbusd_t)
|
+ polkit_domtrans_auth(system_dbusd_t)
|
||||||
+ polkit_search_lib(system_dbusd_t)
|
+ polkit_search_lib(system_dbusd_t)
|
||||||
+')
|
+')
|
||||||
@ -14081,7 +14087,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+
|
+
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-3.6.18/policy/modules/services/hal.te
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-3.6.18/policy/modules/services/hal.te
|
||||||
--- nsaserefpolicy/policy/modules/services/hal.te 2009-01-19 11:06:49.000000000 -0500
|
--- nsaserefpolicy/policy/modules/services/hal.te 2009-01-19 11:06:49.000000000 -0500
|
||||||
+++ serefpolicy-3.6.18/policy/modules/services/hal.te 2009-06-20 06:49:47.000000000 -0400
|
+++ serefpolicy-3.6.18/policy/modules/services/hal.te 2009-06-24 16:22:48.000000000 -0400
|
||||||
@@ -49,6 +49,15 @@
|
@@ -49,6 +49,15 @@
|
||||||
type hald_var_lib_t;
|
type hald_var_lib_t;
|
||||||
files_type(hald_var_lib_t)
|
files_type(hald_var_lib_t)
|
||||||
@ -14127,7 +14133,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
userdom_dontaudit_use_unpriv_user_fds(hald_t)
|
userdom_dontaudit_use_unpriv_user_fds(hald_t)
|
||||||
userdom_dontaudit_search_user_home_dirs(hald_t)
|
userdom_dontaudit_search_user_home_dirs(hald_t)
|
||||||
@@ -277,6 +294,17 @@
|
@@ -277,6 +294,18 @@
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@ -14135,6 +14141,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+')
|
+')
|
||||||
+
|
+
|
||||||
+optional_policy(`
|
+optional_policy(`
|
||||||
|
+ polkit_dbus_chat(hald_t)
|
||||||
+ polkit_domtrans_auth(hald_t)
|
+ polkit_domtrans_auth(hald_t)
|
||||||
+ polkit_domtrans_resolve(hald_t)
|
+ polkit_domtrans_resolve(hald_t)
|
||||||
+ polkit_read_lib(hald_t)
|
+ polkit_read_lib(hald_t)
|
||||||
@ -14145,7 +14152,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
rpc_search_nfs_state_data(hald_t)
|
rpc_search_nfs_state_data(hald_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
@@ -298,7 +326,11 @@
|
@@ -298,7 +327,11 @@
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@ -14158,7 +14165,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
')
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
@@ -306,7 +338,7 @@
|
@@ -306,7 +339,7 @@
|
||||||
# Hal acl local policy
|
# Hal acl local policy
|
||||||
#
|
#
|
||||||
|
|
||||||
@ -14167,7 +14174,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
allow hald_acl_t self:process { getattr signal };
|
allow hald_acl_t self:process { getattr signal };
|
||||||
allow hald_acl_t self:fifo_file rw_fifo_file_perms;
|
allow hald_acl_t self:fifo_file rw_fifo_file_perms;
|
||||||
|
|
||||||
@@ -321,6 +353,7 @@
|
@@ -321,6 +354,7 @@
|
||||||
manage_dirs_pattern(hald_acl_t, hald_var_run_t, hald_var_run_t)
|
manage_dirs_pattern(hald_acl_t, hald_var_run_t, hald_var_run_t)
|
||||||
manage_files_pattern(hald_acl_t, hald_var_run_t, hald_var_run_t)
|
manage_files_pattern(hald_acl_t, hald_var_run_t, hald_var_run_t)
|
||||||
files_pid_filetrans(hald_acl_t, hald_var_run_t, { dir file })
|
files_pid_filetrans(hald_acl_t, hald_var_run_t, { dir file })
|
||||||
@ -14175,7 +14182,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
corecmd_exec_bin(hald_acl_t)
|
corecmd_exec_bin(hald_acl_t)
|
||||||
|
|
||||||
@@ -339,6 +372,8 @@
|
@@ -339,6 +373,8 @@
|
||||||
|
|
||||||
storage_getattr_removable_dev(hald_acl_t)
|
storage_getattr_removable_dev(hald_acl_t)
|
||||||
storage_setattr_removable_dev(hald_acl_t)
|
storage_setattr_removable_dev(hald_acl_t)
|
||||||
@ -14184,11 +14191,12 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
auth_use_nsswitch(hald_acl_t)
|
auth_use_nsswitch(hald_acl_t)
|
||||||
|
|
||||||
@@ -346,12 +381,18 @@
|
@@ -346,12 +382,19 @@
|
||||||
|
|
||||||
miscfiles_read_localization(hald_acl_t)
|
miscfiles_read_localization(hald_acl_t)
|
||||||
|
|
||||||
+optional_policy(`
|
+optional_policy(`
|
||||||
|
+ polkit_dbus_chat(hald_acl_t)
|
||||||
+ polkit_domtrans_auth(hald_acl_t)
|
+ polkit_domtrans_auth(hald_acl_t)
|
||||||
+ polkit_read_lib(hald_acl_t)
|
+ polkit_read_lib(hald_acl_t)
|
||||||
+ polkit_read_reload(hald_acl_t)
|
+ polkit_read_reload(hald_acl_t)
|
||||||
@ -14204,7 +14212,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
domtrans_pattern(hald_t, hald_mac_exec_t, hald_mac_t)
|
domtrans_pattern(hald_t, hald_mac_exec_t, hald_mac_t)
|
||||||
allow hald_t hald_mac_t:process signal;
|
allow hald_t hald_mac_t:process signal;
|
||||||
@@ -374,6 +415,8 @@
|
@@ -374,6 +417,8 @@
|
||||||
|
|
||||||
auth_use_nsswitch(hald_mac_t)
|
auth_use_nsswitch(hald_mac_t)
|
||||||
|
|
||||||
@ -14213,7 +14221,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
miscfiles_read_localization(hald_mac_t)
|
miscfiles_read_localization(hald_mac_t)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
@@ -415,6 +458,55 @@
|
@@ -415,6 +460,55 @@
|
||||||
|
|
||||||
dev_rw_input_dev(hald_keymap_t)
|
dev_rw_input_dev(hald_keymap_t)
|
||||||
|
|
||||||
@ -15502,7 +15510,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+
|
+
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.te serefpolicy-3.6.18/policy/modules/services/networkmanager.te
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.te serefpolicy-3.6.18/policy/modules/services/networkmanager.te
|
||||||
--- nsaserefpolicy/policy/modules/services/networkmanager.te 2009-01-19 11:07:34.000000000 -0500
|
--- nsaserefpolicy/policy/modules/services/networkmanager.te 2009-01-19 11:07:34.000000000 -0500
|
||||||
+++ serefpolicy-3.6.18/policy/modules/services/networkmanager.te 2009-06-20 06:49:47.000000000 -0400
|
+++ serefpolicy-3.6.18/policy/modules/services/networkmanager.te 2009-06-24 16:23:00.000000000 -0400
|
||||||
@@ -19,6 +19,9 @@
|
@@ -19,6 +19,9 @@
|
||||||
type NetworkManager_tmp_t;
|
type NetworkManager_tmp_t;
|
||||||
files_tmp_file(NetworkManager_tmp_t)
|
files_tmp_file(NetworkManager_tmp_t)
|
||||||
@ -15664,7 +15672,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@@ -155,23 +204,50 @@
|
@@ -155,23 +204,51 @@
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@ -15694,6 +15702,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
|
+ polkit_dbus_chat(NetworkManager_t)
|
||||||
+ polkit_domtrans_auth(NetworkManager_t)
|
+ polkit_domtrans_auth(NetworkManager_t)
|
||||||
+ polkit_read_lib(NetworkManager_t)
|
+ polkit_read_lib(NetworkManager_t)
|
||||||
+ polkit_read_reload(NetworkManager_t)
|
+ polkit_read_reload(NetworkManager_t)
|
||||||
@ -15717,7 +15726,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@@ -179,12 +255,15 @@
|
@@ -179,12 +256,15 @@
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@ -19359,6 +19368,59 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
optional_policy(`
|
optional_policy(`
|
||||||
ccs_stream_connect(ricci_modstorage_t)
|
ccs_stream_connect(ricci_modstorage_t)
|
||||||
ccs_read_config(ricci_modstorage_t)
|
ccs_read_config(ricci_modstorage_t)
|
||||||
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpcbind.if serefpolicy-3.6.18/policy/modules/services/rpcbind.if
|
||||||
|
--- nsaserefpolicy/policy/modules/services/rpcbind.if 2008-11-11 16:13:46.000000000 -0500
|
||||||
|
+++ serefpolicy-3.6.18/policy/modules/services/rpcbind.if 2009-06-24 13:42:58.000000000 -0400
|
||||||
|
@@ -97,6 +97,26 @@
|
||||||
|
|
||||||
|
########################################
|
||||||
|
## <summary>
|
||||||
|
+## Connect to rpcbindd over an unix stream socket.
|
||||||
|
+## </summary>
|
||||||
|
+## <param name="domain">
|
||||||
|
+## <summary>
|
||||||
|
+## Domain allowed access.
|
||||||
|
+## </summary>
|
||||||
|
+## </param>
|
||||||
|
+#
|
||||||
|
+interface(`rpcbind_stream_connect',`
|
||||||
|
+ gen_require(`
|
||||||
|
+ type rpcbind_t, rpcbind_var_run_t;
|
||||||
|
+ ')
|
||||||
|
+
|
||||||
|
+ files_search_pids($1)
|
||||||
|
+ allow $1 rpcbind_var_run_t:sock_file write;
|
||||||
|
+ allow $1 rpcbind_t:unix_stream_socket connectto;
|
||||||
|
+')
|
||||||
|
+
|
||||||
|
+########################################
|
||||||
|
+## <summary>
|
||||||
|
## All of the rules required to administrate
|
||||||
|
## an rpcbind environment
|
||||||
|
## </summary>
|
||||||
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.if serefpolicy-3.6.18/policy/modules/services/rpc.if
|
||||||
|
--- nsaserefpolicy/policy/modules/services/rpc.if 2009-03-20 12:39:39.000000000 -0400
|
||||||
|
+++ serefpolicy-3.6.18/policy/modules/services/rpc.if 2009-06-24 13:43:27.000000000 -0400
|
||||||
|
@@ -54,7 +54,7 @@
|
||||||
|
allow $1_t self:unix_dgram_socket create_socket_perms;
|
||||||
|
allow $1_t self:unix_stream_socket create_stream_socket_perms;
|
||||||
|
allow $1_t self:tcp_socket create_stream_socket_perms;
|
||||||
|
- allow $1_t self:udp_socket create_socket_perms;
|
||||||
|
+ allow $1_t self:udp_socket create_stream_socket_perms;
|
||||||
|
|
||||||
|
manage_dirs_pattern($1_t, var_lib_nfs_t, var_lib_nfs_t)
|
||||||
|
manage_files_pattern($1_t, var_lib_nfs_t, var_lib_nfs_t)
|
||||||
|
@@ -109,6 +109,10 @@
|
||||||
|
userdom_dontaudit_use_unpriv_user_fds($1_t)
|
||||||
|
|
||||||
|
optional_policy(`
|
||||||
|
+ rpcbind_stream_connect($1_t)
|
||||||
|
+ ')
|
||||||
|
+
|
||||||
|
+ optional_policy(`
|
||||||
|
seutil_sigchld_newrole($1_t)
|
||||||
|
')
|
||||||
|
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.te serefpolicy-3.6.18/policy/modules/services/rpc.te
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.te serefpolicy-3.6.18/policy/modules/services/rpc.te
|
||||||
--- nsaserefpolicy/policy/modules/services/rpc.te 2009-03-20 12:39:39.000000000 -0400
|
--- nsaserefpolicy/policy/modules/services/rpc.te 2009-03-20 12:39:39.000000000 -0400
|
||||||
+++ serefpolicy-3.6.18/policy/modules/services/rpc.te 2009-06-20 06:49:47.000000000 -0400
|
+++ serefpolicy-3.6.18/policy/modules/services/rpc.te 2009-06-20 06:49:47.000000000 -0400
|
||||||
@ -22985,7 +23047,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+
|
+
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/virt.te serefpolicy-3.6.18/policy/modules/services/virt.te
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/virt.te serefpolicy-3.6.18/policy/modules/services/virt.te
|
||||||
--- nsaserefpolicy/policy/modules/services/virt.te 2009-01-19 11:06:49.000000000 -0500
|
--- nsaserefpolicy/policy/modules/services/virt.te 2009-01-19 11:06:49.000000000 -0500
|
||||||
+++ serefpolicy-3.6.18/policy/modules/services/virt.te 2009-06-22 18:01:06.000000000 -0400
|
+++ serefpolicy-3.6.18/policy/modules/services/virt.te 2009-06-24 16:23:19.000000000 -0400
|
||||||
@@ -8,19 +8,38 @@
|
@@ -8,19 +8,38 @@
|
||||||
|
|
||||||
## <desc>
|
## <desc>
|
||||||
@ -23178,7 +23240,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
tunable_policy(`virt_use_nfs',`
|
tunable_policy(`virt_use_nfs',`
|
||||||
fs_manage_nfs_dirs(virtd_t)
|
fs_manage_nfs_dirs(virtd_t)
|
||||||
@@ -167,22 +247,34 @@
|
@@ -167,22 +247,35 @@
|
||||||
dnsmasq_domtrans(virtd_t)
|
dnsmasq_domtrans(virtd_t)
|
||||||
dnsmasq_signal(virtd_t)
|
dnsmasq_signal(virtd_t)
|
||||||
dnsmasq_kill(virtd_t)
|
dnsmasq_kill(virtd_t)
|
||||||
@ -23203,6 +23265,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+')
|
+')
|
||||||
+
|
+
|
||||||
+optional_policy(`
|
+optional_policy(`
|
||||||
|
+ polkit_dbus_chat(virtd_t)
|
||||||
+ polkit_domtrans_auth(virtd_t)
|
+ polkit_domtrans_auth(virtd_t)
|
||||||
+ polkit_domtrans_resolve(virtd_t)
|
+ polkit_domtrans_resolve(virtd_t)
|
||||||
+ polkit_read_lib(virtd_t)
|
+ polkit_read_lib(virtd_t)
|
||||||
@ -23218,7 +23281,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@@ -195,8 +287,94 @@
|
@@ -195,8 +288,94 @@
|
||||||
|
|
||||||
xen_stream_connect(virtd_t)
|
xen_stream_connect(virtd_t)
|
||||||
xen_stream_connect_xenstore(virtd_t)
|
xen_stream_connect_xenstore(virtd_t)
|
||||||
@ -24085,7 +24148,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+
|
+
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.te serefpolicy-3.6.18/policy/modules/services/xserver.te
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.te serefpolicy-3.6.18/policy/modules/services/xserver.te
|
||||||
--- nsaserefpolicy/policy/modules/services/xserver.te 2009-01-19 11:06:49.000000000 -0500
|
--- nsaserefpolicy/policy/modules/services/xserver.te 2009-01-19 11:06:49.000000000 -0500
|
||||||
+++ serefpolicy-3.6.18/policy/modules/services/xserver.te 2009-06-20 06:49:47.000000000 -0400
|
+++ serefpolicy-3.6.18/policy/modules/services/xserver.te 2009-06-24 16:23:32.000000000 -0400
|
||||||
@@ -34,6 +34,13 @@
|
@@ -34,6 +34,13 @@
|
||||||
|
|
||||||
## <desc>
|
## <desc>
|
||||||
@ -24510,10 +24573,11 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
hostname_exec(xdm_t)
|
hostname_exec(xdm_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
@@ -542,6 +648,23 @@
|
@@ -542,6 +648,24 @@
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
|
+ polkit_dbus_chat(xdm_t)
|
||||||
+ polkit_domtrans_auth(xdm_t)
|
+ polkit_domtrans_auth(xdm_t)
|
||||||
+ polkit_read_lib(xdm_t)
|
+ polkit_read_lib(xdm_t)
|
||||||
+ polkit_read_reload(xdm_t)
|
+ polkit_read_reload(xdm_t)
|
||||||
@ -24534,7 +24598,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
seutil_sigchld_newrole(xdm_t)
|
seutil_sigchld_newrole(xdm_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
@@ -550,8 +673,9 @@
|
@@ -550,8 +674,9 @@
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@ -24546,7 +24610,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
ifndef(`distro_redhat',`
|
ifndef(`distro_redhat',`
|
||||||
allow xdm_t self:process { execheap execmem };
|
allow xdm_t self:process { execheap execmem };
|
||||||
@@ -560,7 +684,6 @@
|
@@ -560,7 +685,6 @@
|
||||||
ifdef(`distro_rhel4',`
|
ifdef(`distro_rhel4',`
|
||||||
allow xdm_t self:process { execheap execmem };
|
allow xdm_t self:process { execheap execmem };
|
||||||
')
|
')
|
||||||
@ -24554,7 +24618,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
userhelper_dontaudit_search_config(xdm_t)
|
userhelper_dontaudit_search_config(xdm_t)
|
||||||
@@ -571,6 +694,10 @@
|
@@ -571,6 +695,10 @@
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@ -24565,7 +24629,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
xfs_stream_connect(xdm_t)
|
xfs_stream_connect(xdm_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
@@ -587,7 +714,7 @@
|
@@ -587,7 +715,7 @@
|
||||||
# execheap needed until the X module loader is fixed.
|
# execheap needed until the X module loader is fixed.
|
||||||
# NVIDIA Needs execstack
|
# NVIDIA Needs execstack
|
||||||
|
|
||||||
@ -24574,7 +24638,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
dontaudit xserver_t self:capability chown;
|
dontaudit xserver_t self:capability chown;
|
||||||
allow xserver_t self:process ~{ ptrace setcurrent setexec setfscreate setrlimit execmem execstack execheap };
|
allow xserver_t self:process ~{ ptrace setcurrent setexec setfscreate setrlimit execmem execstack execheap };
|
||||||
allow xserver_t self:memprotect mmap_zero;
|
allow xserver_t self:memprotect mmap_zero;
|
||||||
@@ -602,9 +729,11 @@
|
@@ -602,9 +730,11 @@
|
||||||
allow xserver_t self:unix_stream_socket { create_stream_socket_perms connectto };
|
allow xserver_t self:unix_stream_socket { create_stream_socket_perms connectto };
|
||||||
allow xserver_t self:tcp_socket create_stream_socket_perms;
|
allow xserver_t self:tcp_socket create_stream_socket_perms;
|
||||||
allow xserver_t self:udp_socket create_socket_perms;
|
allow xserver_t self:udp_socket create_socket_perms;
|
||||||
@ -24586,7 +24650,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
allow xserver_t { input_xevent_t input_xevent_type }:x_event send;
|
allow xserver_t { input_xevent_t input_xevent_type }:x_event send;
|
||||||
|
|
||||||
@@ -616,13 +745,14 @@
|
@@ -616,13 +746,14 @@
|
||||||
type_transition xserver_t xserver_t:{ x_drawable x_colormap } rootwindow_t;
|
type_transition xserver_t xserver_t:{ x_drawable x_colormap } rootwindow_t;
|
||||||
|
|
||||||
allow xserver_t { rootwindow_t x_domain }:x_drawable send;
|
allow xserver_t { rootwindow_t x_domain }:x_drawable send;
|
||||||
@ -24602,7 +24666,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
manage_dirs_pattern(xserver_t, xserver_tmpfs_t, xserver_tmpfs_t)
|
manage_dirs_pattern(xserver_t, xserver_tmpfs_t, xserver_tmpfs_t)
|
||||||
manage_files_pattern(xserver_t, xserver_tmpfs_t, xserver_tmpfs_t)
|
manage_files_pattern(xserver_t, xserver_tmpfs_t, xserver_tmpfs_t)
|
||||||
@@ -635,9 +765,19 @@
|
@@ -635,9 +766,19 @@
|
||||||
manage_lnk_files_pattern(xserver_t, xkb_var_lib_t, xkb_var_lib_t)
|
manage_lnk_files_pattern(xserver_t, xkb_var_lib_t, xkb_var_lib_t)
|
||||||
files_search_var_lib(xserver_t)
|
files_search_var_lib(xserver_t)
|
||||||
|
|
||||||
@ -24622,7 +24686,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
kernel_read_system_state(xserver_t)
|
kernel_read_system_state(xserver_t)
|
||||||
kernel_read_device_sysctls(xserver_t)
|
kernel_read_device_sysctls(xserver_t)
|
||||||
@@ -680,9 +820,14 @@
|
@@ -680,9 +821,14 @@
|
||||||
dev_rw_xserver_misc(xserver_t)
|
dev_rw_xserver_misc(xserver_t)
|
||||||
# read events - the synaptics touchpad driver reads raw events
|
# read events - the synaptics touchpad driver reads raw events
|
||||||
dev_rw_input_dev(xserver_t)
|
dev_rw_input_dev(xserver_t)
|
||||||
@ -24637,7 +24701,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
files_read_etc_files(xserver_t)
|
files_read_etc_files(xserver_t)
|
||||||
files_read_etc_runtime_files(xserver_t)
|
files_read_etc_runtime_files(xserver_t)
|
||||||
@@ -697,8 +842,12 @@
|
@@ -697,8 +843,12 @@
|
||||||
fs_search_nfs(xserver_t)
|
fs_search_nfs(xserver_t)
|
||||||
fs_search_auto_mountpoints(xserver_t)
|
fs_search_auto_mountpoints(xserver_t)
|
||||||
fs_search_ramfs(xserver_t)
|
fs_search_ramfs(xserver_t)
|
||||||
@ -24650,7 +24714,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
selinux_validate_context(xserver_t)
|
selinux_validate_context(xserver_t)
|
||||||
selinux_compute_access_vector(xserver_t)
|
selinux_compute_access_vector(xserver_t)
|
||||||
@@ -720,6 +869,7 @@
|
@@ -720,6 +870,7 @@
|
||||||
|
|
||||||
miscfiles_read_localization(xserver_t)
|
miscfiles_read_localization(xserver_t)
|
||||||
miscfiles_read_fonts(xserver_t)
|
miscfiles_read_fonts(xserver_t)
|
||||||
@ -24658,7 +24722,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
modutils_domtrans_insmod(xserver_t)
|
modutils_domtrans_insmod(xserver_t)
|
||||||
|
|
||||||
@@ -742,7 +892,7 @@
|
@@ -742,7 +893,7 @@
|
||||||
')
|
')
|
||||||
|
|
||||||
ifdef(`enable_mls',`
|
ifdef(`enable_mls',`
|
||||||
@ -24667,7 +24731,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
range_transition xserver_t xserver_t:x_drawable s0 - mls_systemhigh;
|
range_transition xserver_t xserver_t:x_drawable s0 - mls_systemhigh;
|
||||||
')
|
')
|
||||||
|
|
||||||
@@ -774,12 +924,20 @@
|
@@ -774,12 +925,20 @@
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@ -24689,7 +24753,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
unconfined_domtrans(xserver_t)
|
unconfined_domtrans(xserver_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
@@ -806,7 +964,7 @@
|
@@ -806,7 +965,7 @@
|
||||||
allow xserver_t xdm_var_lib_t:file { getattr read };
|
allow xserver_t xdm_var_lib_t:file { getattr read };
|
||||||
dontaudit xserver_t xdm_var_lib_t:dir search;
|
dontaudit xserver_t xdm_var_lib_t:dir search;
|
||||||
|
|
||||||
@ -24698,7 +24762,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
# Label pid and temporary files with derived types.
|
# Label pid and temporary files with derived types.
|
||||||
manage_files_pattern(xserver_t, xdm_tmp_t, xdm_tmp_t)
|
manage_files_pattern(xserver_t, xdm_tmp_t, xdm_tmp_t)
|
||||||
@@ -827,9 +985,14 @@
|
@@ -827,9 +986,14 @@
|
||||||
# to read ROLE_home_t - examine this in more detail
|
# to read ROLE_home_t - examine this in more detail
|
||||||
# (xauth?)
|
# (xauth?)
|
||||||
userdom_read_user_home_content_files(xserver_t)
|
userdom_read_user_home_content_files(xserver_t)
|
||||||
@ -24713,7 +24777,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
tunable_policy(`use_nfs_home_dirs',`
|
tunable_policy(`use_nfs_home_dirs',`
|
||||||
fs_manage_nfs_dirs(xserver_t)
|
fs_manage_nfs_dirs(xserver_t)
|
||||||
fs_manage_nfs_files(xserver_t)
|
fs_manage_nfs_files(xserver_t)
|
||||||
@@ -844,11 +1007,14 @@
|
@@ -844,11 +1008,14 @@
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
dbus_system_bus_client(xserver_t)
|
dbus_system_bus_client(xserver_t)
|
||||||
@ -24729,7 +24793,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@@ -856,6 +1022,11 @@
|
@@ -856,6 +1023,11 @@
|
||||||
rhgb_rw_tmpfs_files(xserver_t)
|
rhgb_rw_tmpfs_files(xserver_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
@ -24741,7 +24805,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
# Rules common to all X window domains
|
# Rules common to all X window domains
|
||||||
@@ -881,6 +1052,8 @@
|
@@ -881,6 +1053,8 @@
|
||||||
# X Server
|
# X Server
|
||||||
# can read server-owned resources
|
# can read server-owned resources
|
||||||
allow x_domain xserver_t:x_resource read;
|
allow x_domain xserver_t:x_resource read;
|
||||||
@ -24750,7 +24814,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
# can mess with own clients
|
# can mess with own clients
|
||||||
allow x_domain self:x_client { manage destroy };
|
allow x_domain self:x_client { manage destroy };
|
||||||
|
|
||||||
@@ -905,6 +1078,8 @@
|
@@ -905,6 +1079,8 @@
|
||||||
# operations allowed on my windows
|
# operations allowed on my windows
|
||||||
allow x_domain self:x_drawable { create destroy getattr setattr read write show hide list_child add_child remove_child manage send receive };
|
allow x_domain self:x_drawable { create destroy getattr setattr read write show hide list_child add_child remove_child manage send receive };
|
||||||
|
|
||||||
@ -24759,7 +24823,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
# X Colormaps
|
# X Colormaps
|
||||||
# can use the default colormap
|
# can use the default colormap
|
||||||
allow x_domain rootwindow_t:x_colormap { read use add_color };
|
allow x_domain rootwindow_t:x_colormap { read use add_color };
|
||||||
@@ -972,17 +1147,49 @@
|
@@ -972,17 +1148,49 @@
|
||||||
allow xserver_unconfined_type { x_domain xserver_t }:x_resource *;
|
allow xserver_unconfined_type { x_domain xserver_t }:x_resource *;
|
||||||
allow xserver_unconfined_type xevent_type:{ x_event x_synthetic_event } *;
|
allow xserver_unconfined_type xevent_type:{ x_event x_synthetic_event } *;
|
||||||
|
|
||||||
|
@ -20,7 +20,7 @@
|
|||||||
Summary: SELinux policy configuration
|
Summary: SELinux policy configuration
|
||||||
Name: selinux-policy
|
Name: selinux-policy
|
||||||
Version: 3.6.19
|
Version: 3.6.19
|
||||||
Release: 3%{?dist}
|
Release: 4%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Source: serefpolicy-%{version}.tgz
|
Source: serefpolicy-%{version}.tgz
|
||||||
@ -473,6 +473,9 @@ exit 0
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Jun 24 2009 Dan Walsh <dwalsh@redhat.com> 3.6.19-4
|
||||||
|
- Allow rpcd_t to stream connect to rpcbind
|
||||||
|
|
||||||
* Tue Jun 23 2009 Dan Walsh <dwalsh@redhat.com> 3.6.19-3
|
* Tue Jun 23 2009 Dan Walsh <dwalsh@redhat.com> 3.6.19-3
|
||||||
- Allow kpropd to create tmp files
|
- Allow kpropd to create tmp files
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user