RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Systemd units from Russell Coker.

This commit is contained in:
Chris PeBenito 2016-08-06 19:14:18 -04:00
parent a4b8f773c1
commit 71a425fdcd
7 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
policy/modules/contrib

@ -1 +1 @@
Subproject commit 9893ad3f676c2d389a8603db8eda07704c891991 Subproject commit bc4b34c56d035238190b71a9892abdb7b2558fff

1
policy/modules/system/logging.fc
View File

@ -20,6 +20,7 @@
/usr/lib/systemd/system/auditd.* -- gen_context(system_u:object_r:auditd_unit_t,s0) /usr/lib/systemd/system/auditd.* -- gen_context(system_u:object_r:auditd_unit_t,s0)
/usr/lib/systemd/system/[^/]*systemd-journal.* -- gen_context(system_u:object_r:syslogd_unit_t,s0) /usr/lib/systemd/system/[^/]*systemd-journal.* -- gen_context(system_u:object_r:syslogd_unit_t,s0)
/usr/lib/systemd/systemd-journald -- gen_context(system_u:object_r:syslogd_exec_t,s0) /usr/lib/systemd/systemd-journald -- gen_context(system_u:object_r:syslogd_exec_t,s0)
/usr/lib/systemd/system/rsyslog.*\.service -- gen_context(system_u:object_r:syslogd_unit_t,s0)
/usr/sbin/klogd -- gen_context(system_u:object_r:klogd_exec_t,s0) /usr/sbin/klogd -- gen_context(system_u:object_r:klogd_exec_t,s0)
/usr/sbin/metalog -- gen_context(system_u:object_r:syslogd_exec_t,s0) /usr/sbin/metalog -- gen_context(system_u:object_r:syslogd_exec_t,s0)

2
policy/modules/system/logging.te
View File

@ -1,4 +1,4 @@
policy_module(logging, 1.23.2) policy_module(logging, 1.23.3)
######################################## ########################################
# #

1
policy/modules/system/selinuxutil.fc
View File

@ -33,6 +33,7 @@
/usr/bin/newrole -- gen_context(system_u:object_r:newrole_exec_t,s0) /usr/bin/newrole -- gen_context(system_u:object_r:newrole_exec_t,s0)
/usr/lib/selinux(/.*)? gen_context(system_u:object_r:policy_src_t,s0) /usr/lib/selinux(/.*)? gen_context(system_u:object_r:policy_src_t,s0)
/usr/lib/systemd/system/restorecond.*\.service -- gen_context(system_u:object_r:restorecond_unit_t,s0)
/usr/sbin/load_policy -- gen_context(system_u:object_r:load_policy_exec_t,s0) /usr/sbin/load_policy -- gen_context(system_u:object_r:load_policy_exec_t,s0)
/usr/sbin/restorecond -- gen_context(system_u:object_r:restorecond_exec_t,s0) /usr/sbin/restorecond -- gen_context(system_u:object_r:restorecond_exec_t,s0)

5
policy/modules/system/selinuxutil.te
View File

@ -1,4 +1,4 @@
policy_module(selinuxutil, 1.20.1) policy_module(selinuxutil, 1.20.2)
gen_require(` gen_require(`
bool secure_mode; bool secure_mode;
@ -85,6 +85,9 @@ init_daemon_domain(restorecond_t, restorecond_exec_t)
domain_obj_id_change_exemption(restorecond_t) domain_obj_id_change_exemption(restorecond_t)
role system_r types restorecond_t; role system_r types restorecond_t;
type restorecond_unit_t;
init_unit_file(restorecond_unit_t)
type restorecond_var_run_t; type restorecond_var_run_t;
files_pid_file(restorecond_var_run_t) files_pid_file(restorecond_var_run_t)

2
policy/modules/system/setrans.fc
View File

@ -2,4 +2,6 @@
/sbin/mcstransd -- gen_context(system_u:object_r:setrans_exec_t,s0) /sbin/mcstransd -- gen_context(system_u:object_r:setrans_exec_t,s0)
/usr/lib/systemd/system/mcstrans.*\.service -- gen_context(system_u:object_r:setrans_unit_t,s0)
/var/run/setrans(/.*)? gen_context(system_u:object_r:setrans_var_run_t,mls_systemhigh) /var/run/setrans(/.*)? gen_context(system_u:object_r:setrans_var_run_t,mls_systemhigh)

2
policy/modules/system/setrans.te
View File

@ -1,4 +1,4 @@
policy_module(setrans, 1.11.0) policy_module(setrans, 1.11.1)
gen_require(` gen_require(`
class context contains; class context contains;