RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Bluetooth patch (sys_admin and debugfs) from Dan Walsh 

Added comments to reference redhat bugs
This commit is contained in:
Jeremy Solt 2010-03-24 11:54:10 -04:00 committed by Chris PeBenito
parent 4c05dff3d1
commit 84ce9c3333
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
policy/modules/services/bluetooth.te
View File

@ -54,7 +54,8 @@ files_pid_file(bluetooth_var_run_t)
# Bluetooth services local policy
#
allow bluetooth_t self:capability { dac_override net_bind_service net_admin net_raw setpcap sys_tty_config ipc_lock };
#sys_admin capability - redhat bug 573015
allow bluetooth_t self:capability { dac_override net_bind_service net_admin net_raw setpcap sys_admin sys_tty_config ipc_lock };
dontaudit bluetooth_t self:capability sys_tty_config;
allow bluetooth_t self:process { getcap setcap getsched signal_perms };
allow bluetooth_t self:fifo_file rw_fifo_file_perms;
@ -96,6 +97,8 @@ kernel_read_kernel_sysctls(bluetooth_t)
kernel_read_system_state(bluetooth_t)
kernel_read_network_state(bluetooth_t)
kernel_request_load_module(bluetooth_t)
#search debugfs - redhat bug 548206
kernel_search_debugfs(bluetooth_t)
corenet_all_recvfrom_unlabeled(bluetooth_t)
corenet_all_recvfrom_netlabel(bluetooth_t)