Sudo patch from Dan Walsh.

This commit is contained in:
Chris PeBenito 2010-02-11 09:15:45 -05:00
parent ca5dc2f1cb
commit ed03a5b916
2 changed files with 8 additions and 3 deletions

View File

@ -66,6 +66,7 @@ template(`sudo_role_template',`
allow $1_sudo_t self:unix_stream_socket create_stream_socket_perms; allow $1_sudo_t self:unix_stream_socket create_stream_socket_perms;
allow $1_sudo_t self:unix_dgram_socket sendto; allow $1_sudo_t self:unix_dgram_socket sendto;
allow $1_sudo_t self:unix_stream_socket connectto; allow $1_sudo_t self:unix_stream_socket connectto;
allow $1_sudo_t self:key manage_key_perms;
allow $1_sudo_t $3:key search; allow $1_sudo_t $3:key search;
@ -84,7 +85,7 @@ template(`sudo_role_template',`
kernel_link_key($1_sudo_t) kernel_link_key($1_sudo_t)
corecmd_read_bin_symlinks($1_sudo_t) corecmd_read_bin_symlinks($1_sudo_t)
corecmd_getattr_all_executables($1_sudo_t) corecmd_exec_all_executables($1_sudo_t)
dev_read_urand($1_sudo_t) dev_read_urand($1_sudo_t)
dev_rw_generic_usb_dev($1_sudo_t) dev_rw_generic_usb_dev($1_sudo_t)
@ -132,7 +133,6 @@ template(`sudo_role_template',`
userdom_manage_user_tmp_files($1_sudo_t) userdom_manage_user_tmp_files($1_sudo_t)
userdom_manage_user_tmp_symlinks($1_sudo_t) userdom_manage_user_tmp_symlinks($1_sudo_t)
userdom_use_user_terminals($1_sudo_t) userdom_use_user_terminals($1_sudo_t)
userdom_use_user_terminals($1_sudo_t)
# for some PAM modules and for cwd # for some PAM modules and for cwd
userdom_dontaudit_search_user_home_content($1_sudo_t) userdom_dontaudit_search_user_home_content($1_sudo_t)
@ -147,6 +147,11 @@ template(`sudo_role_template',`
optional_policy(` optional_policy(`
dbus_system_bus_client($1_sudo_t) dbus_system_bus_client($1_sudo_t)
') ')
optional_policy(`
fprintd_dbus_chat($1_sudo_t)
')
') ')
######################################## ########################################

View File

@ -1,5 +1,5 @@
policy_module(sudo, 1.5.0) policy_module(sudo, 1.5.1)
######################################## ########################################
# #