reorg and a fix
This commit is contained in:
parent
70abf87502
commit
fd9deeb8ee
@ -121,6 +121,7 @@ filesystem_ignore_get_persistent_filesystem_attributes(ping_t)
|
|||||||
domain_use_widely_inheritable_file_descriptors(ping_t)
|
domain_use_widely_inheritable_file_descriptors(ping_t)
|
||||||
|
|
||||||
files_read_general_system_config(ping_t)
|
files_read_general_system_config(ping_t)
|
||||||
|
files_ignore_search_system_state_data_directory(ping_t)
|
||||||
|
|
||||||
libraries_use_dynamic_loader(ping_t)
|
libraries_use_dynamic_loader(ping_t)
|
||||||
libraries_read_shared_libraries(ping_t)
|
libraries_read_shared_libraries(ping_t)
|
||||||
@ -135,25 +136,18 @@ if (user_ping) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
ifdef(`TODO',`
|
ifdef(`TODO',`
|
||||||
role sysadm_r types ping_t;
|
can_ypbind(ping_t)
|
||||||
in_user_role(ping_t)
|
|
||||||
|
|
||||||
|
domain_auto_trans(sysadm_t, ping_exec_t, ping_t)
|
||||||
|
role sysadm_r types ping_t;
|
||||||
|
allow ping_t admin_tty_type:chr_file rw_file_perms;
|
||||||
|
ifdef(`gnome-pty-helper.te', `allow ping_t sysadm_gph_t:fd use;')
|
||||||
|
|
||||||
|
in_user_role(ping_t)
|
||||||
if (user_ping) {
|
if (user_ping) {
|
||||||
domain_auto_trans(unpriv_userdomain, ping_exec_t, ping_t)
|
domain_auto_trans(unpriv_userdomain, ping_exec_t, ping_t)
|
||||||
ifdef(`gnome-pty-helper.te', `allow ping_t gphdomain:fd use;')
|
ifdef(`gnome-pty-helper.te', `allow ping_t gphdomain:fd use;')
|
||||||
}
|
}
|
||||||
|
|
||||||
# Transition into this domain when you run this program.
|
|
||||||
domain_auto_trans(sysadm_t, ping_exec_t, ping_t)
|
|
||||||
|
|
||||||
can_ypbind(ping_t)
|
|
||||||
|
|
||||||
# Access the terminal.
|
|
||||||
allow ping_t admin_tty_type:chr_file rw_file_perms;
|
|
||||||
ifdef(`gnome-pty-helper.te', `allow ping_t sysadm_gph_t:fd use;')
|
|
||||||
|
|
||||||
# it tries to access /var/run
|
|
||||||
dontaudit ping_t var_t:dir search;
|
|
||||||
') dnl end TODO
|
') dnl end TODO
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
|
Loading…
Reference in New Issue
Block a user