RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add missing ssh file contexts

This commit is contained in:
Chris PeBenito 2005-07-06 15:59:54 +00:00
parent a3fdcebc6a
commit bb32544d61
2 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
refpolicy/policy/modules/services/ssh.fc
View File

@ -0,0 +1,16 @@
/etc/ssh/primes -- system_u:object_r:sshd_key_t
/etc/ssh/ssh_host_key -- system_u:object_r:sshd_key_t
/etc/ssh/ssh_host_dsa_key -- system_u:object_r:sshd_key_t
/etc/ssh/ssh_host_rsa_key -- system_u:object_r:sshd_key_t
/usr/bin/ssh -- system_u:object_r:ssh_exec_t
/usr/bin/ssh-agent -- system_u:object_r:ssh_agent_exec_t
/usr/bin/ssh-keygen -- system_u:object_r:ssh_keygen_exec_t
/usr/sbin/sshd -- system_u:object_r:sshd_exec_t
/var/run/sshd\.init\.pid -- system_u:object_r:sshd_var_run_t
ifdef(`targeted_policy', `', `
HOME_DIR/\.ssh(/.*)? system_u:object_r:ROLE_home_ssh_t
')

9
refpolicy/policy/modules/system/corecommands.fc
View File

@ -60,14 +60,23 @@ ifdef(`distro_gentoo', `
/usr(/.*)?/sbin(/.*)? context_template(system_u:object_r:sbin_t,s0)
/usr/lib(64)?/sftp-server -- context_template(system_u:object_r:bin_t,s0)
/usr/lib(64)?/emacsen-common/.* context_template(system_u:object_r:bin_t,s0)
/usr/lib(64)?/misc/sftp-server -- context_template(system_u:object_r:bin_t,s0)
ifdef(`distro_suse', `
/usr/lib(64)?/ssh/.* -- context_template(system_u:object_r:bin_t,s0)
')
/usr/lib(64)?/[^/]*thunderbird[^/]*/thunderbird -- context_template(system_u:object_r:bin_t,s0)
/usr/lib(64)?/[^/]*thunderbird[^/]*/thunderbird-bin -- context_template(system_u:object_r:bin_t,s0)
/usr/lib(64)?/[^/]*thunderbird[^/]*/run-mozilla\.sh -- context_template(system_u:object_r:bin_t,s0)
/usr/lib(64)?/[^/]*thunderbird[^/]*/mozilla-xremote-client -- context_template(system_u:object_r:bin_t,s0)
/usr/libexec(/.*)? context_template(system_u:object_r:bin_t,s0)
/usr/libexec/openssh/sftp-server -- context_template(system_u:object_r:bin_t,s0)
/usr/sbin/sesh -- context_template(system_u:object_r:shell_exec_t,s0)