1b0e0923f8
- Use just init_domain instead of init_daemon_domain in inetd_core_service_domain - svirt domains neeed to create kobject_uevint_sockets - Lots of new access required for sosreport - Allow tgtd_t to connect to isns ports - Allow init_t to transition to all inetd domains: - openct needs to be able to create netlink_object_uevent_sockets - Dontaudit leaks into ldconfig_t - Dontaudit su domains getattr on /dev devices, move su domains to attribute based calls - Move kernel_stream_connect into all Xwindow using users - Dontaudit inherited lock files in ifconfig o dhcpc_t
42 lines
602 B
Plaintext
42 lines
602 B
Plaintext
policy_module(permissivedomains,20)
|
|
|
|
optional_policy(`
|
|
gen_require(`
|
|
type gssproxy_t;
|
|
')
|
|
|
|
permissive gssproxy_t;
|
|
')
|
|
|
|
optional_policy(`
|
|
gen_require(`
|
|
type prosody_t;
|
|
')
|
|
|
|
permissive prosody_t;
|
|
')
|
|
|
|
optional_policy(`
|
|
gen_require(`
|
|
type redis_t;
|
|
')
|
|
|
|
permissive redis_t;
|
|
')
|
|
|
|
optional_policy(`
|
|
gen_require(`
|
|
type hypervkvp_t;
|
|
')
|
|
|
|
permissive hypervkvp_t;
|
|
')
|
|
|
|
optional_policy(`
|
|
gen_require(`
|
|
type lsmd_t;
|
|
')
|
|
|
|
permissive lsmd_t;
|
|
')
|