nnd
/
selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

setrans patch from Dan Walsh 

Edits:
 - Leaving out the mls_trusted_object(setrans_t) for now
This commit is contained in:
Jeremy Solt 2010-09-24 16:14:00 -04:00 committed by Chris PeBenito
parent d8572a6f5f
commit 1b0ce6c984
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
policy/modules/system/setrans.te
View File

@ -44,9 +44,10 @@ can_exec(setrans_t, setrans_exec_t)
corecmd_search_bin(setrans_t) corecmd_search_bin(setrans_t)
# create unix domain socket in /var # create unix domain socket in /var
manage_dirs_pattern(setrans_t, setrans_var_run_t, setrans_var_run_t)
manage_files_pattern(setrans_t, setrans_var_run_t, setrans_var_run_t) manage_files_pattern(setrans_t, setrans_var_run_t, setrans_var_run_t)
manage_sock_files_pattern(setrans_t, setrans_var_run_t, setrans_var_run_t) manage_sock_files_pattern(setrans_t, setrans_var_run_t, setrans_var_run_t)
files_pid_filetrans(setrans_t, setrans_var_run_t, file) files_pid_filetrans(setrans_t, setrans_var_run_t, { file dir })
kernel_read_kernel_sysctls(setrans_t) kernel_read_kernel_sysctls(setrans_t)
kernel_read_proc_symlinks(setrans_t) kernel_read_proc_symlinks(setrans_t)