rpms/selinux-policy
5
0
Fork 0
Code Issues Pull Requests Releases Activity

- Add inotify support to nscd

Browse Source
This commit is contained in:
Daniel J Walsh 2008-07-10 15:28:32 +00:00
parent 6db69f086d
commit df6220163f
2 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
policy-20080509.patch
View File

@ -11797,7 +11797,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/blue
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bluetooth.te serefpolicy-3.4.2/policy/modules/services/bluetooth.te
--- nsaserefpolicy/policy/modules/services/bluetooth.te 2008-06-12 23:25:05.000000000 -0400
+++ serefpolicy-3.4.2/policy/modules/services/bluetooth.te 2008-07-02 08:47:04.000000000 -0400
+++ serefpolicy-3.4.2/policy/modules/services/bluetooth.te 2008-07-09 15:25:46.000000000 -0400
@@ -32,19 +32,22 @@
type bluetooth_var_run_t;
files_pid_file(bluetooth_var_run_t)
@ -11840,12 +11840,14 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/blue
libs_use_ld_so(bluetooth_t)
libs_use_shared_libs(bluetooth_t)
@@ -118,20 +124,18 @@
@@ -117,21 +123,20 @@
miscfiles_read_localization(bluetooth_t)
miscfiles_read_fonts(bluetooth_t)
-sysnet_read_config(bluetooth_t)
-
-sysnet_read_config(bluetooth_t)
+miscfiles_read_hwdata(bluetooth_t)
userdom_dontaudit_use_unpriv_user_fds(bluetooth_t)
-
sysadm_dontaudit_use_ptys(bluetooth_t)

8
selinux-policy.spec
View File

@ -278,7 +278,7 @@ SELinux Reference policy targeted base module.
%post targeted
if [ $1 -eq 1 ]; then
%loadpolicy targeted
bnsemanage user -a -S targeted -P user -R "unconfined_r system_r" -r s0-s0:c0.c1023 unconfined_u
semanage user -a -S targeted -P user -R "unconfined_r system_r" -r s0-s0:c0.c1023 unconfined_u
semanage login -m -S targeted -s "unconfined_u" -r s0-s0:c0.c1023 __default__
semanage login -m -S targeted -s "unconfined_u" -r s0-s0:c0.c1023 root
semanage user -a -S targeted -P user -R guest_r guest_u
@ -296,11 +296,11 @@ exit 0
. /etc/selinux/config
[ "${SELINUXTYPE}" != "targeted" ] && exit 0
setsebool -P use_nfs_home_dirs=1
semanage user -l | grep -s unconfined_u
semanage user -l | grep -s unconfined_u > /dev/null
if [ $? -eq 0 ]; then
semanage user -m -R "unconfined_r system_r" -r s0-s0:c0.c1023 unconfined_u 2> /dev/null
semanage user -m -R "unconfined_r system_r" -r s0-s0:c0.c1023 unconfined_u
else
semanage user -a -P user -R "unconfined_r system_r" -r s0-s0:c0.c1023 unconfined_u 2> /dev/null
semanage user -a -P user -R "unconfined_r system_r" -r s0-s0:c0.c1023 unconfined_u
fi
seuser=`semanage login -l | grep __default__ | awk '{ print $2 }'`
[ "$seuser" != "unconfined_u" ] && semanage login -m -s "unconfined_u" -r s0-s0:c0.c1023 __default__