Turn on mock_t and thumb_t for unconfined domains
This commit is contained in:
parent
62727652eb
commit
f875d285bd
@ -17,7 +17,7 @@
|
|||||||
Summary: SELinux policy configuration
|
Summary: SELinux policy configuration
|
||||||
Name: selinux-policy
|
Name: selinux-policy
|
||||||
Version: 3.10.0
|
Version: 3.10.0
|
||||||
Release: 46%{?dist}
|
Release: 46.1%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Source: serefpolicy-%{version}.tgz
|
Source: serefpolicy-%{version}.tgz
|
||||||
@ -481,7 +481,10 @@ SELinux Reference policy mls base module.
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Fri Oct 20 2011 Miroslav Grepl <mgrepl@redhat.com> 3.10.0-46
|
* Thu Oct 21 2011 Dan Walsh <dwalsh@redhat.com> 3.10.0-46.1
|
||||||
|
- Turn on mock_t and thumb_t for unconfined domains
|
||||||
|
|
||||||
|
* Fri Oct 21 2011 Miroslav Grepl <mgrepl@redhat.com> 3.10.0-46
|
||||||
- Policy update should not modify local contexts
|
- Policy update should not modify local contexts
|
||||||
|
|
||||||
* Thu Oct 20 2011 Dan Walsh <dwalsh@redhat.com> 3.10.0-45.1
|
* Thu Oct 20 2011 Dan Walsh <dwalsh@redhat.com> 3.10.0-45.1
|
||||||
|
@ -1388,3 +1388,24 @@ diff -up serefpolicy-3.10.0/policy/modules/system/userdomain.te.userdomain seref
|
|||||||
+optional_policy(`
|
+optional_policy(`
|
||||||
+ slrnpull_search_spool(common_userdomain)
|
+ slrnpull_search_spool(common_userdomain)
|
||||||
+')
|
+')
|
||||||
|
diff --git a/policy/modules/roles/unconfineduser.te b/policy/modules/roles/unconfineduser.te
|
||||||
|
index b1e60db..67b58eb 100644
|
||||||
|
--- a/policy/modules/roles/unconfineduser.te
|
||||||
|
+++ b/policy/modules/roles/unconfineduser.te
|
||||||
|
@@ -346,9 +346,13 @@ optional_policy(`
|
||||||
|
lpd_run_checkpc(unconfined_t, unconfined_r)
|
||||||
|
')
|
||||||
|
|
||||||
|
-#optional_policy(`
|
||||||
|
-# mock_role(unconfined_r, unconfined_t)
|
||||||
|
-#')
|
||||||
|
+optional_policy(`
|
||||||
|
+ mock_role(unconfined_r, unconfined_t)
|
||||||
|
+')
|
||||||
|
+
|
||||||
|
+optional_policy(`
|
||||||
|
+ thumb_role($1_r, $1_usertype)
|
||||||
|
+')
|
||||||
|
|
||||||
|
optional_policy(`
|
||||||
|
modutils_run_update_mods(unconfined_t, unconfined_r)
|
||||||
|
Loading…
Reference in New Issue
Block a user