selinux-policy/permissivedomains.te
Dan Walsh 1b0e0923f8 Cleanup related to init_domain()+inetd_domain fixes
- Use just init_domain instead of init_daemon_domain in inetd_core_service_domain
- svirt domains neeed to create kobject_uevint_sockets
- Lots of new access required for sosreport
- Allow tgtd_t to connect to isns ports
- Allow init_t to transition to all inetd domains:
- openct needs to be able to create netlink_object_uevent_sockets
- Dontaudit leaks into ldconfig_t
- Dontaudit su domains getattr on /dev devices, move su domains to attribute based calls
- Move kernel_stream_connect into all Xwindow using users
- Dontaudit inherited lock files in ifconfig o dhcpc_t
2013-09-05 09:40:37 -04:00

42 lines
602 B
Plaintext

policy_module(permissivedomains,20)
optional_policy(`
gen_require(`
type gssproxy_t;
')
permissive gssproxy_t;
')
optional_policy(`
gen_require(`
type prosody_t;
')
permissive prosody_t;
')
optional_policy(`
gen_require(`
type redis_t;
')
permissive redis_t;
')
optional_policy(`
gen_require(`
type hypervkvp_t;
')
permissive hypervkvp_t;
')
optional_policy(`
gen_require(`
type lsmd_t;
')
permissive lsmd_t;
')