Rename mount_read_mount_loopback() to mount_read_loopback_file().

Also make kernel block optional since the calls are to a higher layer.
This commit is contained in:
Chris PeBenito 2014-02-08 10:49:47 -05:00
parent 38a2d8e581
commit acf1229dad
3 changed files with 7 additions and 5 deletions

View File

@ -287,9 +287,6 @@ files_list_etc(kernel_t)
files_list_home(kernel_t)
files_read_usr_files(kernel_t)
mount_use_fds(kernel_t)
mount_read_mount_loopback(kernel_t)
mcs_process_set_categories(kernel_t)
mls_process_read_up(kernel_t)
@ -319,6 +316,11 @@ optional_policy(`
logging_send_syslog_msg(kernel_t)
')
optional_policy(`
mount_use_fds(kernel_t)
mount_read_loopback_file(kernel_t)
')
optional_policy(`
nis_use_ypbind(kernel_t)
')

View File

@ -184,7 +184,7 @@ interface(`mount_run_unconfined',`
## </summary>
## </param>
#
interface(`mount_read_mount_loopback',`
interface(`mount_read_loopback_file',`
gen_require(`
type mount_t;
')

View File

@ -43,7 +43,7 @@ application_domain(unconfined_mount_t, mount_exec_t)
# setuid/setgid needed to mount cifs
allow mount_t self:capability { ipc_lock sys_rawio sys_admin dac_override chown sys_tty_config setuid setgid };
mount_read_mount_loopback(mount_t)
mount_read_loopback_file(mount_t)
allow mount_t mount_tmp_t:file manage_file_perms;
allow mount_t mount_tmp_t:dir manage_dir_perms;