netutils patch from Dan Walsh
Edits: - Dropping term_use_all_terms and user_ping tunables for ping and traceroute - Whitespace fixes
This commit is contained in:
parent
4ac0cd30fa
commit
44dc1b9c21
|
@ -1,4 +1,3 @@
|
||||||
|
|
||||||
/bin/ping.* -- gen_context(system_u:object_r:ping_exec_t,s0)
|
/bin/ping.* -- gen_context(system_u:object_r:ping_exec_t,s0)
|
||||||
/bin/tracepath.* -- gen_context(system_u:object_r:traceroute_exec_t,s0)
|
/bin/tracepath.* -- gen_context(system_u:object_r:traceroute_exec_t,s0)
|
||||||
/bin/traceroute.* -- gen_context(system_u:object_r:traceroute_exec_t,s0)
|
/bin/traceroute.* -- gen_context(system_u:object_r:traceroute_exec_t,s0)
|
||||||
|
@ -9,6 +8,7 @@
|
||||||
/usr/bin/nmap -- gen_context(system_u:object_r:traceroute_exec_t,s0)
|
/usr/bin/nmap -- gen_context(system_u:object_r:traceroute_exec_t,s0)
|
||||||
/usr/bin/traceroute.* -- gen_context(system_u:object_r:traceroute_exec_t,s0)
|
/usr/bin/traceroute.* -- gen_context(system_u:object_r:traceroute_exec_t,s0)
|
||||||
|
|
||||||
|
/usr/sbin/fping -- gen_context(system_u:object_r:ping_exec_t,s0)
|
||||||
/usr/sbin/traceroute.* -- gen_context(system_u:object_r:traceroute_exec_t,s0)
|
/usr/sbin/traceroute.* -- gen_context(system_u:object_r:traceroute_exec_t,s0)
|
||||||
/usr/sbin/hping2 -- gen_context(system_u:object_r:ping_exec_t,s0)
|
/usr/sbin/hping2 -- gen_context(system_u:object_r:ping_exec_t,s0)
|
||||||
/usr/sbin/tcpdump -- gen_context(system_u:object_r:netutils_exec_t,s0)
|
/usr/sbin/tcpdump -- gen_context(system_u:object_r:netutils_exec_t,s0)
|
||||||
|
|
|
@ -44,6 +44,7 @@ allow netutils_t self:netlink_route_socket { bind create getattr nlmsg_read nlms
|
||||||
allow netutils_t self:packet_socket create_socket_perms;
|
allow netutils_t self:packet_socket create_socket_perms;
|
||||||
allow netutils_t self:udp_socket create_socket_perms;
|
allow netutils_t self:udp_socket create_socket_perms;
|
||||||
allow netutils_t self:tcp_socket create_stream_socket_perms;
|
allow netutils_t self:tcp_socket create_stream_socket_perms;
|
||||||
|
allow netutils_t self:socket create_socket_perms;
|
||||||
|
|
||||||
manage_dirs_pattern(netutils_t, netutils_tmp_t, netutils_tmp_t)
|
manage_dirs_pattern(netutils_t, netutils_tmp_t, netutils_tmp_t)
|
||||||
manage_files_pattern(netutils_t, netutils_tmp_t, netutils_tmp_t)
|
manage_files_pattern(netutils_t, netutils_tmp_t, netutils_tmp_t)
|
||||||
|
@ -85,6 +86,7 @@ logging_send_syslog_msg(netutils_t)
|
||||||
|
|
||||||
miscfiles_read_localization(netutils_t)
|
miscfiles_read_localization(netutils_t)
|
||||||
|
|
||||||
|
term_dontaudit_use_console(netutils_t)
|
||||||
userdom_use_user_terminals(netutils_t)
|
userdom_use_user_terminals(netutils_t)
|
||||||
userdom_use_all_users_fds(netutils_t)
|
userdom_use_all_users_fds(netutils_t)
|
||||||
|
|
||||||
|
@ -150,6 +152,10 @@ optional_policy(`
|
||||||
munin_append_log(ping_t)
|
munin_append_log(ping_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
|
optional_policy(`
|
||||||
|
nagios_rw_inherited_tmp_files(ping_t)
|
||||||
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
pcmcia_use_cardmgr_fds(ping_t)
|
pcmcia_use_cardmgr_fds(ping_t)
|
||||||
')
|
')
|
||||||
|
|
Loading…
Reference in New Issue