nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
d981fce3e1
selinux-refpolicy/policy
History
Sven Vermeulen d981fce3e1 Update files_manage_generic_locks with directory permissions 
Currently, the files_manage_generic_locks only handles the lock files. If a
domain needs to manage both lock files and the lock directories (like specific
subdirectories in /var/lock that are not owned by a single other domain, such as
Gentoo's /var/lock/subsys location) it also needs the manage permissions on the
directory.

This is to support OpenRC's migration of /var/lock to /run/lock which otherwise
fails:

* Migrating /var/lock to /run/lock
cp: cannot create directory '/run/lock/subsys': Permission denied
rm: cannot remove '/var/lock/subsys': Permission denied

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
2012-10-31 11:36:41 -04:00
..
flask Rename epollwakeup capability2 permission to block_suspend to match the 2012-07-25 09:01:55 -04:00
modules Update files_manage_generic_locks with directory permissions 2012-10-31 11:36:41 -04:00
support Add optional file name to filetrans_pattern. 2011-11-02 08:48:25 -04:00
constraints Allow user and role changes on dynamic transitions with the same constraints as regular transitions. 2011-09-02 09:59:26 -04:00
global_booleans Move secure_mode_policyload into selinux module as that is the only place it is used. 2011-09-26 09:53:23 -04:00
global_tunables Rename allow_console tunable to console_login. 2011-01-14 11:44:42 -05:00
mcs SEPostgresql changes from Kohei KaiGai. 2012-05-18 09:28:18 -04:00
mls SEPostgresql changes from Kohei KaiGai. 2012-05-18 09:28:18 -04:00
policy_capabilities
users