This commit is contained in:
Chris PeBenito 2019-01-06 14:02:06 -05:00
commit ea11d5bbc2
2 changed files with 7 additions and 1 deletions

View File

@ -710,6 +710,10 @@ optional_policy(`
nscd_admin(sysadm_t, sysadm_r) nscd_admin(sysadm_t, sysadm_r)
') ')
optional_policy(`
nsd_admin(sysadm_t, sysadm_r)
')
optional_policy(` optional_policy(`
nslcd_admin(sysadm_t, sysadm_r) nslcd_admin(sysadm_t, sysadm_r)
') ')

View File

@ -34,7 +34,7 @@ files_type(nsd_zone_t)
# Local policy # Local policy
# #
allow nsd_t self:capability { chown dac_override kill setgid setuid }; allow nsd_t self:capability { chown dac_override kill setgid setuid dac_read_search net_admin };
dontaudit nsd_t self:capability sys_tty_config; dontaudit nsd_t self:capability sys_tty_config;
allow nsd_t self:process signal_perms; allow nsd_t self:process signal_perms;
allow nsd_t self:fifo_file rw_fifo_file_perms; allow nsd_t self:fifo_file rw_fifo_file_perms;
@ -44,12 +44,14 @@ allow nsd_t nsd_conf_t:dir list_dir_perms;
allow nsd_t nsd_conf_t:file read_file_perms; allow nsd_t nsd_conf_t:file read_file_perms;
allow nsd_t nsd_conf_t:lnk_file read_lnk_file_perms; allow nsd_t nsd_conf_t:lnk_file read_lnk_file_perms;
allow nsd_t nsd_db_t:file map;
allow nsd_t nsd_db_t:file manage_file_perms; allow nsd_t nsd_db_t:file manage_file_perms;
filetrans_pattern(nsd_t, nsd_zone_t, nsd_db_t, file) filetrans_pattern(nsd_t, nsd_zone_t, nsd_db_t, file)
manage_files_pattern(nsd_t, nsd_var_run_t, nsd_var_run_t) manage_files_pattern(nsd_t, nsd_var_run_t, nsd_var_run_t)
files_pid_filetrans(nsd_t, nsd_var_run_t, file) files_pid_filetrans(nsd_t, nsd_var_run_t, file)
allow nsd_t nsd_zone_t:file map;
manage_dirs_pattern(nsd_t, nsd_zone_t, nsd_zone_t) manage_dirs_pattern(nsd_t, nsd_zone_t, nsd_zone_t)
manage_files_pattern(nsd_t, nsd_zone_t, nsd_zone_t) manage_files_pattern(nsd_t, nsd_zone_t, nsd_zone_t)
manage_lnk_files_pattern(nsd_t, nsd_zone_t, nsd_zone_t) manage_lnk_files_pattern(nsd_t, nsd_zone_t, nsd_zone_t)