From d87efeec7310452d50790cb3dc2d22da0a0ffd3a Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Tue, 27 May 2008 12:07:03 +0000 Subject: [PATCH] trunk: fixes for gentoo targeted systems. --- policy/modules/system/selinuxutil.if | 4 ++++ policy/modules/system/selinuxutil.te | 2 +- policy/modules/system/unconfined.te | 7 ++++++- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/policy/modules/system/selinuxutil.if b/policy/modules/system/selinuxutil.if index 9ebb93967..9db901c15 100644 --- a/policy/modules/system/selinuxutil.if +++ b/policy/modules/system/selinuxutil.if @@ -430,6 +430,7 @@ interface(`seutil_run_runinit',` role system_r; ') + auth_run_chk_passwd(run_init_t, $2, $3) seutil_domtrans_runinit($1) role $2 types run_init_t; allow run_init_t $3:chr_file rw_term_perms; @@ -474,6 +475,7 @@ interface(`seutil_init_script_run_runinit',` role system_r; ') + auth_run_chk_passwd(run_init_t, $2, $3) seutil_init_script_domtrans_runinit($1) role $2 types run_init_t; allow run_init_t $3:chr_file rw_term_perms; @@ -1024,6 +1026,8 @@ interface(`seutil_run_semanage',` ') seutil_domtrans_semanage($1) + seutil_run_setfiles(semanage_t, $2, $3) + seutil_run_loadpolicy(semanage_t, $2, $3) role $2 types semanage_t; allow semanage_t $3:chr_file rw_term_perms; ') diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te index 9597607a5..09a33dc7c 100644 --- a/policy/modules/system/selinuxutil.te +++ b/policy/modules/system/selinuxutil.te @@ -1,5 +1,5 @@ -policy_module(selinuxutil,1.9.1) +policy_module(selinuxutil, 1.9.2) gen_require(` bool secure_mode; diff --git a/policy/modules/system/unconfined.te b/policy/modules/system/unconfined.te index 96fa3442d..7dcc109d0 100644 --- a/policy/modules/system/unconfined.te +++ b/policy/modules/system/unconfined.te @@ -1,5 +1,5 @@ -policy_module(unconfined,2.2.0) +policy_module(unconfined, 2.2.1) ######################################## # @@ -50,6 +50,11 @@ unconfined_domain(unconfined_t) userdom_priveleged_home_dir_manager(unconfined_t) +ifdef(`distro_gentoo',` + seutil_run_runinit(unconfined_t, unconfined_r, { unconfined_tty_device_t unconfined_devpts_t }) + seutil_init_script_run_runinit(unconfined_t, unconfined_r, { unconfined_tty_device_t unconfined_devpts_t }) +') + optional_policy(` ada_domtrans(unconfined_t) ')