trunk: 4 patches from dan.

This commit is contained in:
Chris PeBenito 2008-03-27 15:20:16 +00:00
parent 9377a3e59c
commit e828954c63
9 changed files with 32 additions and 10 deletions

View File

@ -1,5 +1,5 @@
policy_module(slocate,1.6.0) policy_module(slocate,1.6.1)
################################# #################################
# #
@ -39,6 +39,7 @@ dev_getattr_all_chr_files(locate_t)
files_list_all(locate_t) files_list_all(locate_t)
files_getattr_all_files(locate_t) files_getattr_all_files(locate_t)
files_getattr_all_pipes(locate_t)
files_getattr_all_sockets(locate_t) files_getattr_all_sockets(locate_t)
files_read_etc_runtime_files(locate_t) files_read_etc_runtime_files(locate_t)
files_read_etc_files(locate_t) files_read_etc_files(locate_t)

View File

@ -336,10 +336,8 @@ interface(`lpd_manage_spool',`
') ')
files_search_spool($1) files_search_spool($1)
manage_files_pattern($1,print_spool_t,print_spool_t) manage_dirs_pattern($1, print_spool_t, print_spool_t)
manage_files_pattern($1, print_spool_t, print_spool_t)
# cjp: cups wants setattr
allow $1 print_spool_t:dir setattr;
') ')
######################################## ########################################

View File

@ -1,5 +1,5 @@
policy_module(lpd,1.8.0) policy_module(lpd,1.8.1)
######################################## ########################################
# #

View File

@ -3,3 +3,5 @@
/opt/NX/home/nx/\.ssh(/.*)? gen_context(system_u:object_r:nx_server_home_ssh_t,s0) /opt/NX/home/nx/\.ssh(/.*)? gen_context(system_u:object_r:nx_server_home_ssh_t,s0)
/opt/NX/var(/.*)? gen_context(system_u:object_r:nx_server_var_run_t,s0) /opt/NX/var(/.*)? gen_context(system_u:object_r:nx_server_var_run_t,s0)
/usr/libexec/nx/nxserver -- gen_context(system_u:object_r:nx_server_exec_t,s0)

View File

@ -1,5 +1,5 @@
policy_module(nx,1.2.0) policy_module(nx,1.2.1)
######################################## ########################################
# #

View File

@ -1,5 +1,5 @@
policy_module(pcscd,1.3.0) policy_module(pcscd,1.3.1)
######################################## ########################################
# #
@ -45,6 +45,7 @@ dev_search_sysfs(pcscd_t)
files_read_etc_files(pcscd_t) files_read_etc_files(pcscd_t)
files_read_etc_runtime_files(pcscd_t) files_read_etc_runtime_files(pcscd_t)
term_use_unallocated_ttys(pcscd_t)
term_dontaudit_getattr_pty_dirs(pcscd_t) term_dontaudit_getattr_pty_dirs(pcscd_t)
libs_use_ld_so(pcscd_t) libs_use_ld_so(pcscd_t)

View File

@ -1,5 +1,5 @@
policy_module(hotplug,1.7.0) policy_module(hotplug,1.7.1)
######################################## ########################################
# #
@ -179,6 +179,7 @@ optional_policy(`
sysnet_read_dhcpc_pid(hotplug_t) sysnet_read_dhcpc_pid(hotplug_t)
sysnet_rw_dhcp_config(hotplug_t) sysnet_rw_dhcp_config(hotplug_t)
sysnet_domtrans_ifconfig(hotplug_t) sysnet_domtrans_ifconfig(hotplug_t)
sysnet_signal_ifconfig(hotplug_t)
') ')
optional_policy(` optional_policy(`

View File

@ -441,6 +441,25 @@ interface(`sysnet_exec_ifconfig',`
can_exec($1,ifconfig_exec_t) can_exec($1,ifconfig_exec_t)
') ')
########################################
## <summary>
## Send a generic signal to ifconfig.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`sysnet_signal_ifconfig',`
gen_require(`
type ifconfig_t;
')
allow $1 ifconfig_t:process signal;
')
######################################## ########################################
## <summary> ## <summary>
## Read the DHCP configuration files. ## Read the DHCP configuration files.

View File

@ -1,5 +1,5 @@
policy_module(sysnetwork,1.5.1) policy_module(sysnetwork,1.5.2)
######################################## ########################################
# #