- Allow openoffice execstack/execmem privs

2008-10-28 20:06:14 +00:00 · 2008-10-28 20:06:14 +00:00 · d8e5d05b6e
commit d8e5d05b6e
parent a3e038c1a1
4 changed files with 668 additions and 583 deletions
--- a/booleans-minimum.conf
+++ b/booleans-minimum.conf
@ -8,7 +8,7 @@ allow_execmod = false
 # Allow making the stack executable via mprotect.Also requires allow_execmem.
 # 
-allow_execstack = false
+allow_execstack = true
 # Allow ftpd to read cifs directories.
 # 
--- a/booleans-targeted.conf
+++ b/booleans-targeted.conf
@ -8,7 +8,7 @@ allow_execmod = false
 # Allow making the stack executable via mprotect.Also requires allow_execmem.
 # 
-allow_execstack = false
+allow_execstack = true
 # Allow ftpd to read cifs directories.
 # 
--- a/policy-20080710.patch
+++ b/policy-20080710.patch
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -323,15 +323,10 @@ SELinux Reference policy targeted base module.
 %post targeted
 if [ $1 -eq 1 ]; then
 %loadpolicy targeted
-semanage -S targeted -i - << __eof
+#semanage -S targeted -i - << __eof
-user -a -P user -R "unconfined_r system_r" -r s0-s0:c0.c1023 unconfined_u 
+#login -m  -s unconfined_u -r s0-s0:c0.c1023 __default__
-user -a -P user -R guest_r guest_u
+#login -m  -s unconfined_u -r s0-s0:c0.c1023 root
-user -a -P user -R xguest_r xguest_u 
+#__eof
 __eof
 semanage -S targeted -i - << __eof
 login -m  -s unconfined_u -r s0-s0:c0.c1023 __default__
 login -m  -s unconfined_u -r s0-s0:c0.c1023 root
 __eof
 restorecon -R /root /var/log /var/run 2> /dev/null
 else
 semodule -s targeted -r moilscanner 2>/dev/null