RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add some missing transitions from unconfined

This commit is contained in:
Chris PeBenito 2005-10-27 15:06:15 +00:00
parent a525f293c3
commit b281bf6ed9
3 changed files with 21 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
refpolicy/policy/modules/admin/firstboot.if
View File

@ -14,9 +14,6 @@
interface(`firstboot_domtrans',` interface(`firstboot_domtrans',`
gen_require(` gen_require(`
type firstboot_t, firstboot_exec_t; type firstboot_t, firstboot_exec_t;
class process sigchld;
class fd use;
class fifo_file rw_file_perms;
') ')
domain_auto_trans($1,firstboot_exec_t,firstboot_t) domain_auto_trans($1,firstboot_exec_t,firstboot_t)
@ -45,7 +42,6 @@ interface(`firstboot_domtrans',`
interface(`firstboot_run',` interface(`firstboot_run',`
gen_require(` gen_require(`
type firstboot_t; type firstboot_t;
class chr_file rw_term_perms;
') ')
firstboot_domtrans($1) firstboot_domtrans($1)
@ -64,7 +60,6 @@ interface(`firstboot_run',`
interface(`firstboot_use_fd',` interface(`firstboot_use_fd',`
gen_require(` gen_require(`
type firstboot_t; type firstboot_t;
class fd use;
') ')
allow $1 firstboot_t:fd use; allow $1 firstboot_t:fd use;
@ -82,7 +77,6 @@ interface(`firstboot_use_fd',`
interface(`firstboot_dontaudit_use_fd',` interface(`firstboot_dontaudit_use_fd',`
gen_require(` gen_require(`
type firstboot_t; type firstboot_t;
class fd use;
') ')
dontaudit $1 firstboot_t:fd use; dontaudit $1 firstboot_t:fd use;
@ -99,7 +93,6 @@ interface(`firstboot_dontaudit_use_fd',`
interface(`firstboot_write_pipe',` interface(`firstboot_write_pipe',`
gen_require(` gen_require(`
type firstboot_t; type firstboot_t;
class fifo_file write;
') ')
allow $1 firstboot_t:fifo_file write; allow $1 firstboot_t:fifo_file write;

3
refpolicy/policy/modules/system/libraries.if
View File

@ -11,9 +11,6 @@
interface(`libs_domtrans_ldconfig',` interface(`libs_domtrans_ldconfig',`
gen_require(` gen_require(`
type ldconfig_t, ldconfig_exec_t; type ldconfig_t, ldconfig_exec_t;
class process sigchld;
class fd use;
class fifo_file rw_file_perms;
') ')
corecmd_search_sbin($1) corecmd_search_sbin($1)

23
refpolicy/policy/modules/system/unconfined.te
View File

@ -33,11 +33,25 @@ ifdef(`targeted_policy',`
init_domtrans_script(unconfined_t) init_domtrans_script(unconfined_t)
libs_domtrans_ldconfig(unconfined_t)
logging_domtrans_auditctl(unconfined_t)
seutil_domtrans_restorecon(unconfined_t)
userdom_unconfined(unconfined_t) userdom_unconfined(unconfined_t)
userdom_priveleged_home_dir_manager(unconfined_t) userdom_priveleged_home_dir_manager(unconfined_t)
optional_policy(`logging.te',` optional_policy(`amanda.te',`
logging_domtrans_auditctl(unconfined_t) amanda_domtrans_recover(unconfined_t)
')
optional_policy(`dmidecode.te',`
dmidecode_domtrans(unconfined_t)
')
optional_policy(`firstboot.te',`
firstboot_domtrans(unconfined_t)
') ')
optional_policy(`lpd.te',` optional_policy(`lpd.te',`
@ -50,6 +64,10 @@ ifdef(`targeted_policy',`
modutils_domtrans_update_mods(unconfined_t) modutils_domtrans_update_mods(unconfined_t)
') ')
optional_policy(`portmap.te',`
portmap_domtrans_helper(unconfined_t)
')
optional_policy(`postfix.te',` optional_policy(`postfix.te',`
postfix_domtrans_map(unconfined_t) postfix_domtrans_map(unconfined_t)
') ')
@ -60,6 +78,7 @@ ifdef(`targeted_policy',`
optional_policy(`samba.te',` optional_policy(`samba.te',`
samba_domtrans_net(unconfined_t) samba_domtrans_net(unconfined_t)
samba_domtrans_winbind_helper(unconfined_t)
') ')
optional_policy(`su.te',` optional_policy(`su.te',`