trunk: 4 patches from dan.
This commit is contained in:
parent
9377a3e59c
commit
e828954c63
@ -1,5 +1,5 @@
|
|||||||
|
|
||||||
policy_module(slocate,1.6.0)
|
policy_module(slocate,1.6.1)
|
||||||
|
|
||||||
#################################
|
#################################
|
||||||
#
|
#
|
||||||
@ -39,6 +39,7 @@ dev_getattr_all_chr_files(locate_t)
|
|||||||
|
|
||||||
files_list_all(locate_t)
|
files_list_all(locate_t)
|
||||||
files_getattr_all_files(locate_t)
|
files_getattr_all_files(locate_t)
|
||||||
|
files_getattr_all_pipes(locate_t)
|
||||||
files_getattr_all_sockets(locate_t)
|
files_getattr_all_sockets(locate_t)
|
||||||
files_read_etc_runtime_files(locate_t)
|
files_read_etc_runtime_files(locate_t)
|
||||||
files_read_etc_files(locate_t)
|
files_read_etc_files(locate_t)
|
||||||
|
@ -336,10 +336,8 @@ interface(`lpd_manage_spool',`
|
|||||||
')
|
')
|
||||||
|
|
||||||
files_search_spool($1)
|
files_search_spool($1)
|
||||||
manage_files_pattern($1,print_spool_t,print_spool_t)
|
manage_dirs_pattern($1, print_spool_t, print_spool_t)
|
||||||
|
manage_files_pattern($1, print_spool_t, print_spool_t)
|
||||||
# cjp: cups wants setattr
|
|
||||||
allow $1 print_spool_t:dir setattr;
|
|
||||||
')
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
|
|
||||||
policy_module(lpd,1.8.0)
|
policy_module(lpd,1.8.1)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
|
@ -3,3 +3,5 @@
|
|||||||
/opt/NX/home/nx/\.ssh(/.*)? gen_context(system_u:object_r:nx_server_home_ssh_t,s0)
|
/opt/NX/home/nx/\.ssh(/.*)? gen_context(system_u:object_r:nx_server_home_ssh_t,s0)
|
||||||
|
|
||||||
/opt/NX/var(/.*)? gen_context(system_u:object_r:nx_server_var_run_t,s0)
|
/opt/NX/var(/.*)? gen_context(system_u:object_r:nx_server_var_run_t,s0)
|
||||||
|
|
||||||
|
/usr/libexec/nx/nxserver -- gen_context(system_u:object_r:nx_server_exec_t,s0)
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
|
|
||||||
policy_module(nx,1.2.0)
|
policy_module(nx,1.2.1)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
|
|
||||||
policy_module(pcscd,1.3.0)
|
policy_module(pcscd,1.3.1)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
@ -45,6 +45,7 @@ dev_search_sysfs(pcscd_t)
|
|||||||
files_read_etc_files(pcscd_t)
|
files_read_etc_files(pcscd_t)
|
||||||
files_read_etc_runtime_files(pcscd_t)
|
files_read_etc_runtime_files(pcscd_t)
|
||||||
|
|
||||||
|
term_use_unallocated_ttys(pcscd_t)
|
||||||
term_dontaudit_getattr_pty_dirs(pcscd_t)
|
term_dontaudit_getattr_pty_dirs(pcscd_t)
|
||||||
|
|
||||||
libs_use_ld_so(pcscd_t)
|
libs_use_ld_so(pcscd_t)
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
|
|
||||||
policy_module(hotplug,1.7.0)
|
policy_module(hotplug,1.7.1)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
@ -179,6 +179,7 @@ optional_policy(`
|
|||||||
sysnet_read_dhcpc_pid(hotplug_t)
|
sysnet_read_dhcpc_pid(hotplug_t)
|
||||||
sysnet_rw_dhcp_config(hotplug_t)
|
sysnet_rw_dhcp_config(hotplug_t)
|
||||||
sysnet_domtrans_ifconfig(hotplug_t)
|
sysnet_domtrans_ifconfig(hotplug_t)
|
||||||
|
sysnet_signal_ifconfig(hotplug_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
|
@ -441,6 +441,25 @@ interface(`sysnet_exec_ifconfig',`
|
|||||||
can_exec($1,ifconfig_exec_t)
|
can_exec($1,ifconfig_exec_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
|
########################################
|
||||||
|
## <summary>
|
||||||
|
## Send a generic signal to ifconfig.
|
||||||
|
## </summary>
|
||||||
|
## <param name="domain">
|
||||||
|
## <summary>
|
||||||
|
## Domain allowed access.
|
||||||
|
## </summary>
|
||||||
|
## </param>
|
||||||
|
## <rolecap/>
|
||||||
|
#
|
||||||
|
interface(`sysnet_signal_ifconfig',`
|
||||||
|
gen_require(`
|
||||||
|
type ifconfig_t;
|
||||||
|
')
|
||||||
|
|
||||||
|
allow $1 ifconfig_t:process signal;
|
||||||
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Read the DHCP configuration files.
|
## Read the DHCP configuration files.
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
|
|
||||||
policy_module(sysnetwork,1.5.1)
|
policy_module(sysnetwork,1.5.2)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
|
Loading…
Reference in New Issue
Block a user