61d7ee58a4
Libcgroup moved cgclear to /sbin. Confine it so that initrc_t can domain transition to the cgclear_t domain. That way we do not have to extend the initrc_t domains policy. We might want to add cgroup_run_cgclear to sysadm module. Signed-off-by: Dominick Grift <domg472@gmail.com>
15 lines
751 B
Plaintext
15 lines
751 B
Plaintext
/etc/cgconfig.conf -- gen_context(system_u:object_r:cgconfig_etc_t,s0)
|
|
/etc/cgrules.conf -- gen_context(system_u:object_r:cgrules_etc_t,s0)
|
|
|
|
/etc/sysconfig/cgconfig -- gen_context(system_u:object_r:cgconfig_etc_t,s0)
|
|
/etc/sysconfig/cgred.conf -- gen_context(system_u:object_r:cgrules_etc_t,s0)
|
|
|
|
/etc/rc\.d/init\.d/cgconfig -- gen_context(system_u:object_r:cgconfig_initrc_exec_t,s0)
|
|
/etc/rc\.d/init\.d/cgred -- gen_context(system_u:object_r:cgred_initrc_exec_t,s0)
|
|
|
|
/sbin/cgconfigparser -- gen_context(system_u:object_r:cgconfig_exec_t,s0)
|
|
/sbin/cgrulesengd -- gen_context(system_u:object_r:cgred_exec_t,s0)
|
|
/sbin/cgclear -- gen_context(system_u:object_r:cgclear_exec_t,s0)
|
|
|
|
/var/run/cgred.* gen_context(system_u:object_r:cgred_var_run_t,s0)
|