nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5e7b58612e
selinux-refpolicy/policy/modules
History
Yi Zhao 5e7b58612e samba: fixes for smbd/nmbd 
* Do not audit capability net_admin for smbd_t/nmbd_t
* Allow nmbd_t to manage samba_var_t dirs

Fixes:
avc:  denied  { net_admin } for  pid=334 comm="smbd" capability=12
scontext=system_u:system_r:smbd_t tcontext=system_u:system_r:smbd_t
tclass=capability permissive=1

avc:  denied  { net_admin } for  pid=273 comm="nmbd" capability=12
scontext=system_u:system_r:nmbd_t tcontext=system_u:system_r:nmbd_t
tclass=capability permissive=1

avc:  denied  { create } for  pid=273 comm="nmbd" name="msg.lock"
scontext=system_u:system_r:nmbd_t tcontext=system_u:object_r:samba_var_t
tclass=dir permissive=1

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
2021-11-30 21:52:43 +08:00
..
admin various: Module version bump. 2021-11-15 15:34:27 -05:00
apps wine: fix roleattribute statement 2021-11-16 12:11:59 -05:00
kernel various: Module version bump. 2021-11-15 15:34:27 -05:00
roles various: Module version bump. 2021-11-14 18:57:40 -05:00
services samba: fixes for smbd/nmbd 2021-11-30 21:52:43 +08:00
system various: Module version bump. 2021-11-29 11:40:49 -05:00