Merge pull request #666 from gtrentalancia/mix_fixes_pr2
Miscellaneous fixes
This commit is contained in:
commit
9967edaebe
policy/modules
@ -120,7 +120,6 @@ init_manage_all_units(logrotate_t)
|
||||
logging_manage_all_logs(logrotate_t)
|
||||
logging_send_syslog_msg(logrotate_t)
|
||||
logging_send_audit_msgs(logrotate_t)
|
||||
logging_exec_all_logs(logrotate_t)
|
||||
|
||||
miscfiles_read_generic_certs(logrotate_t)
|
||||
miscfiles_read_localization(logrotate_t)
|
||||
|
@ -1098,28 +1098,6 @@ interface(`logging_watch_all_logs',`
|
||||
allow $1 logfile:file watch;
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Execute all log files in the caller domain.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
# cjp: not sure why this is needed. This was added
|
||||
# because of logrotate.
|
||||
interface(`logging_exec_all_logs',`
|
||||
gen_require(`
|
||||
attribute logfile;
|
||||
')
|
||||
|
||||
files_search_var($1)
|
||||
allow $1 logfile:dir list_dir_perms;
|
||||
can_exec($1, logfile)
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## read/write to all log files.
|
||||
|
@ -61,9 +61,6 @@ interface(`mount_exec',`
|
||||
type mount_exec_t;
|
||||
')
|
||||
|
||||
# cjp: this should be removed:
|
||||
allow $1 mount_exec_t:dir list_dir_perms;
|
||||
|
||||
allow $1 mount_exec_t:lnk_file read_lnk_file_perms;
|
||||
corecmd_search_bin($1)
|
||||
can_exec($1, mount_exec_t)
|
||||
|
Loading…
Reference in New Issue
Block a user