trunk: missed fixes on previous commit.
This commit is contained in:
Chris PeBenito
parent
8a948caf2b
commit
7aabe358f4
|
|
@ -66,6 +66,6 @@ interface(`usernetctl_run',`
|
|||
|
||||
|
||||
optional_policy(`
|
||||
ppp_run(usernetctl_t,$2,$3)
|
||||
ppp_run(usernetctl_t, $2, $3)
|
||||
')
|
||||
')
|
||||
|
|
|
|||
|
|
@ -79,26 +79,6 @@ interface(`storage_dontaudit_setattr_fixed_disk_dev',`
|
|||
dontaudit $1 fixed_disk_device_t:blk_file setattr;
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## dontaudit the caller attempts to read from a fixed disk.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## The type of the process performing this action.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`storage_dontaudit_raw_read_fixed_disk',`
|
||||
gen_require(`
|
||||
attribute fixed_disk_raw_read;
|
||||
type fixed_disk_device_t;
|
||||
')
|
||||
|
||||
dontaudit $1 fixed_disk_device_t:blk_file read_blk_file_perms;
|
||||
dontaudit $1 fixed_disk_device_t:chr_file read_chr_file_perms;
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Allow the caller to directly read from a fixed disk.
|
||||
|
|
@ -141,7 +121,8 @@ interface(`storage_dontaudit_read_fixed_disk',`
|
|||
|
||||
')
|
||||
|
||||
dontaudit $1 fixed_disk_device_t:blk_file { getattr ioctl read };
|
||||
dontaudit $1 fixed_disk_device_t:blk_file read_blk_file_perms;
|
||||
dontaudit $1 fixed_disk_device_t:chr_file read_chr_file_perms;
|
||||
')
|
||||
|
||||
########################################
|
||||
|
|
|
|||
|
|
@ -61,6 +61,9 @@ allow rsync_t rsync_data_t:dir list_dir_perms;
|
|||
read_files_pattern(rsync_t, rsync_data_t, rsync_data_t)
|
||||
read_lnk_files_pattern(rsync_t, rsync_data_t, rsync_data_t)
|
||||
|
||||
manage_files_pattern(rsync_t, rsync_log_t, rsync_log_t)
|
||||
logging_log_filetrans(rsync_t, rsync_log_t, file)
|
||||
|
||||
manage_dirs_pattern(rsync_t, rsync_tmp_t, rsync_tmp_t)
|
||||
manage_files_pattern(rsync_t, rsync_tmp_t, rsync_tmp_t)
|
||||
files_tmp_filetrans(rsync_t, rsync_tmp_t, { file dir })
|
||||
|
|
@ -97,8 +100,6 @@ libs_use_ld_so(rsync_t)
|
|||
libs_use_shared_libs(rsync_t)
|
||||
|
||||
logging_send_syslog_msg(rsync_t)
|
||||
manage_files_pattern(rsync_t,rsync_log_t,rsync_log_t)
|
||||
logging_log_filetrans(rsync_t,rsync_log_t,file)
|
||||
|
||||
miscfiles_read_localization(rsync_t)
|
||||
miscfiles_read_public_files(rsync_t)
|
||||
|
|
|
|||
Loading…
Reference in New Issue