From 93113bce78f8a97eb505aa3967bc43b90c37286a Mon Sep 17 00:00:00 2001 From: Dominick Grift Date: Wed, 9 Sep 2020 12:00:26 +0200 Subject: [PATCH] bind: add a few fc specs for unbound unbound-checkconf is the unbound bind-checkconf equivalent unbound-control is the unbound bind ndc equivalent Signed-off-by: Dominick Grift --- policy/modules/services/bind.fc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/policy/modules/services/bind.fc b/policy/modules/services/bind.fc index 7c1df4895..ce68a0af9 100644 --- a/policy/modules/services/bind.fc +++ b/policy/modules/services/bind.fc @@ -19,6 +19,8 @@ /usr/bin/named-checkconf -- gen_context(system_u:object_r:named_checkconf_exec_t,s0) /usr/bin/r?ndc -- gen_context(system_u:object_r:ndc_exec_t,s0) /usr/bin/unbound -- gen_context(system_u:object_r:named_exec_t,s0) +/usr/bin/unbound-checkconf -- gen_context(system_u:object_r:named_checkconf_exec_t,s0) +/usr/bin/unbound-control -- gen_context(system_u:object_r:ndc_exec_t,s0) /usr/lib/systemd/system/named.*\.service -- gen_context(system_u:object_r:named_unit_t,s0) /usr/lib/systemd/system/unbound.*\.service -- gen_context(system_u:object_r:named_unit_t,s0) @@ -28,6 +30,8 @@ /usr/sbin/named-checkconf -- gen_context(system_u:object_r:named_checkconf_exec_t,s0) /usr/sbin/r?ndc -- gen_context(system_u:object_r:ndc_exec_t,s0) /usr/sbin/unbound -- gen_context(system_u:object_r:named_exec_t,s0) +/usr/sbin/unbound-checkconf -- gen_context(system_u:object_r:named_checkconf_exec_t,s0) +/usr/sbin/unbound-control -- gen_context(system_u:object_r:ndc_exec_t,s0) /var/bind(/.*)? gen_context(system_u:object_r:named_cache_t,s0) /var/bind/pri(/.*)? gen_context(system_u:object_r:named_zone_t,s0)