- Allow login programs to set ioctl on /proc

2007-09-25 14:20:38 +00:00 · 2007-09-25 14:20:38 +00:00 · ed4ac3da5c
commit ed4ac3da5c
parent fb11ad6653
1 changed files with 3 additions and 3 deletions
--- a/policy-20070703.patch
+++ b/policy-20070703.patch
@ -7727,7 +7727,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.te serefpolicy-3.0.8/policy/modules/services/postfix.te
 --- nsaserefpolicy/policy/modules/services/postfix.te	2007-07-25 10:37:42.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/postfix.te	2007-09-17 16:20:18.000000000 -0400
+++ serefpolicy-3.0.8/policy/modules/services/postfix.te	2007-09-25 10:06:53.000000000 -0400
@@ -6,6 +6,14 @@
 # Declarations
 #
@ -10456,7 +10456,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
 +/var/cache/coolkey(/.*)?	gen_context(system_u:object_r:auth_cache_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.if serefpolicy-3.0.8/policy/modules/system/authlogin.if
 --- nsaserefpolicy/policy/modules/system/authlogin.if	2007-08-22 07:14:13.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/authlogin.if	2007-09-24 17:17:30.000000000 -0400
+++ serefpolicy-3.0.8/policy/modules/system/authlogin.if	2007-09-25 10:18:40.000000000 -0400
@@ -26,7 +26,8 @@
 	type $1_chkpwd_t, can_read_shadow_passwords;
 	application_domain($1_chkpwd_t,chkpwd_exec_t)
@ -10493,7 +10493,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
 	role system_r types $1;
 +	# needed for afs - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=253321
-+	kernel_write_proc_files(sshd_t)
+	kernel_write_proc_files($1)
 +
 +
 +	auth_keyring_domain($1)