fix changed rules
This commit is contained in:
parent
c6825e980c
commit
1904b01047
|
@ -29,7 +29,7 @@ allow comsat_t self:fifo_file rw_file_perms;
|
||||||
allow comsat_t self:{ lnk_file file } { getattr read };
|
allow comsat_t self:{ lnk_file file } { getattr read };
|
||||||
allow comsat_t self:netlink_tcpdiag_socket r_netlink_socket_perms;
|
allow comsat_t self:netlink_tcpdiag_socket r_netlink_socket_perms;
|
||||||
allow comsat_t self:tcp_socket connected_stream_socket_perms;
|
allow comsat_t self:tcp_socket connected_stream_socket_perms;
|
||||||
allow comsat_t self:udp_socket connected_socket_perms;
|
allow comsat_t self:udp_socket create_socket_perms;
|
||||||
|
|
||||||
allow comsat_t comsat_tmp_t:dir create_dir_perms;
|
allow comsat_t comsat_tmp_t:dir create_dir_perms;
|
||||||
allow comsat_t comsat_tmp_t:file create_file_perms;
|
allow comsat_t comsat_tmp_t:file create_file_perms;
|
||||||
|
|
|
@ -510,7 +510,7 @@ allow cupsd_config_t self:process signal_perms;
|
||||||
allow cupsd_config_t self:fifo_file rw_file_perms;
|
allow cupsd_config_t self:fifo_file rw_file_perms;
|
||||||
allow cupsd_config_t self:unix_stream_socket create_socket_perms;
|
allow cupsd_config_t self:unix_stream_socket create_socket_perms;
|
||||||
allow cupsd_config_t self:unix_dgram_socket create_socket_perms;
|
allow cupsd_config_t self:unix_dgram_socket create_socket_perms;
|
||||||
allow cupsd_config_t self:tcp_socket create_socket_perms;
|
allow cupsd_config_t self:tcp_socket create_stream_socket_perms;
|
||||||
|
|
||||||
allow cupsd_config_t cupsd_t:tcp_socket { connectto recvfrom };
|
allow cupsd_config_t cupsd_t:tcp_socket { connectto recvfrom };
|
||||||
allow cupsd_t cupsd_config_t:tcp_socket { acceptfrom recvfrom };
|
allow cupsd_t cupsd_config_t:tcp_socket { acceptfrom recvfrom };
|
||||||
|
@ -720,7 +720,7 @@ allow cupsd_lpd_t cupsd_lpd_var_run_t:dir rw_dir_perms;
|
||||||
files_create_pid(cupsd_lpd_t,cupsd_lpd_var_run_t)
|
files_create_pid(cupsd_lpd_t,cupsd_lpd_var_run_t)
|
||||||
|
|
||||||
allow cupsd_lpd_t cupsd_rw_etc_t:dir list_dir_perms;
|
allow cupsd_lpd_t cupsd_rw_etc_t:dir list_dir_perms;
|
||||||
allow cupsd_lpd_t cupsd_rw_etc_t:file { read getattr };
|
allow cupsd_lpd_t cupsd_rw_etc_t:file r_file_perms;
|
||||||
allow cupsd_lpd_t cupsd_rw_etc_t:lnk_file { getattr read };
|
allow cupsd_lpd_t cupsd_rw_etc_t:lnk_file { getattr read };
|
||||||
|
|
||||||
kernel_read_kernel_sysctl(cupsd_lpd_t)
|
kernel_read_kernel_sysctl(cupsd_lpd_t)
|
||||||
|
|
|
@ -119,6 +119,8 @@ userdom_dontaudit_use_unpriv_user_fd(cardmgr_t)
|
||||||
userdom_dontaudit_search_sysadm_home_dir(cardmgr_t)
|
userdom_dontaudit_search_sysadm_home_dir(cardmgr_t)
|
||||||
|
|
||||||
ifdef(`targeted_policy',`
|
ifdef(`targeted_policy',`
|
||||||
|
term_use_unallocated_tty(cardmgr_t)
|
||||||
|
term_use_generic_pty(cardmgr_t)
|
||||||
term_dontaudit_use_unallocated_tty(cardmgr_t)
|
term_dontaudit_use_unallocated_tty(cardmgr_t)
|
||||||
term_dontaudit_use_generic_pty(cardmgr_t)
|
term_dontaudit_use_generic_pty(cardmgr_t)
|
||||||
files_dontaudit_read_root_file(cardmgr_t)
|
files_dontaudit_read_root_file(cardmgr_t)
|
||||||
|
|
Loading…
Reference in New Issue