RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Label (/var)?/tmp/systemd-private-.../tmp like /tmp 

Such directories are used by systemd as private mountpoints for
services.
This commit is contained in:
Nicolas Iooss 2014-08-23 13:35:51 +02:00 committed by Chris PeBenito
parent c4ea6cc594
commit 7487f355dd
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
policy/modules/kernel/files.fc
View File

@ -191,6 +191,10 @@ ifdef(`distro_debian',`
/tmp/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh) /tmp/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
/tmp/lost\+found/.* <<none>> /tmp/lost\+found/.* <<none>>
/tmp/systemd-private-[^/]+ -d gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
/tmp/systemd-private-[^/]+/tmp -d gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
/tmp/systemd-private-[^/]+/tmp/.* <<none>>
# #
# /usr # /usr
# #
@ -265,6 +269,9 @@ ifndef(`distro_redhat',`
/var/tmp/.* <<none>> /var/tmp/.* <<none>>
/var/tmp/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh) /var/tmp/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
/var/tmp/lost\+found/.* <<none>> /var/tmp/lost\+found/.* <<none>>
/var/tmp/systemd-private-[^/]+ -d gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
/var/tmp/systemd-private-[^/]+/tmp -d gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
/var/tmp/systemd-private-[^/]+/tmp/.* <<none>>
/var/tmp/vi\.recover -d gen_context(system_u:object_r:tmp_t,s0) /var/tmp/vi\.recover -d gen_context(system_u:object_r:tmp_t,s0)
ifdef(`distro_debian',` ifdef(`distro_debian',`