nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sediff fixes

Browse Source
This commit is contained in:
Chris PeBenito 2005-10-24 12:38:45 +00:00
parent bb67633572
commit 1dd86c43cd
5 changed files with 54 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
refpolicy/policy/modules/services/cron.te
View File

@ -50,6 +50,11 @@ files_lock_file(system_crond_lock_t)
type system_crond_tmp_t; type system_crond_tmp_t;
files_tmp_file(system_crond_tmp_t) files_tmp_file(system_crond_tmp_t)
ifdef(`targeted_policy',`
type sysadm_cron_spool_t;
files_type(sysadm_cron_spool_t)
')
######################################## ########################################
# #
# Cron Local policy # Cron Local policy

25
refpolicy/policy/modules/system/authlogin.if
View File

@ -136,20 +136,19 @@ template(`authlogin_per_userdomain_template',`
## </param> ## </param>
# #
template(`auth_domtrans_user_chk_passwd',` template(`auth_domtrans_user_chk_passwd',`
gen_require(` ifdef(`targeted_policy',`',`
type chkpwd_exec_t; gen_require(`
class process sigchld; type chkpwd_exec_t;
class fd use; ')
class fifo_file rw_file_perms;
corecmd_search_bin($1)
domain_auto_trans($1,chkpwd_exec_t,$2_chkpwd_t)
allow $1 $2_chkpwd_t:fd use;
allow $2_chkpwd_t $1:fd use;
allow $2_chkpwd_t $1:fifo_file rw_file_perms;
allow $2_chkpwd_t $1:process sigchld;
') ')
corecmd_search_bin($1)
domain_auto_trans($1,chkpwd_exec_t,$2_chkpwd_t)
allow $1 $2_chkpwd_t:fd use;
allow $2_chkpwd_t $1:fd use;
allow $2_chkpwd_t $1:fifo_file rw_file_perms;
allow $2_chkpwd_t $1:process sigchld;
') ')
######################################## ########################################

22
refpolicy/policy/modules/system/sysnetwork.te
View File

@ -158,6 +158,28 @@ optional_policy(`consoletype.te',`
consoletype_domtrans(dhcpc_t) consoletype_domtrans(dhcpc_t)
') ')
optional_policy(`dbus.te',`
gen_require(`
class dbus send_msg;
')
allow dhcpc_t self:dbus send_msg;
dbus_system_bus_client_template(dhcpc,dhcpc_t)
dbus_connect_system_bus(dhcpc_t)
dbus_send_system_bus_msg(dhcpc_t)
domain_auto_trans(system_dbusd_t, dhcpc_exec_t, dhcpc_t)
allow { NetworkManager_t initrc_t } dhcpc_t:dbus send_msg;
allow dhcpc_t { NetworkManager_t initrc_t }:dbus send_msg;
ifdef(`unconfined.te', `
allow unconfined_t dhcpc_t:dbus send_msg;
allow dhcpc_t unconfined_t:dbus send_msg;
')
')
optional_policy(`hostname.te',` optional_policy(`hostname.te',`
hostname_domtrans(dhcpc_t) hostname_domtrans(dhcpc_t)
') ')

4
refpolicy/policy/modules/system/unconfined.te
View File

@ -35,6 +35,10 @@ ifdef(`targeted_policy',`
userdom_unconfined(unconfined_t) userdom_unconfined(unconfined_t)
optional_policy(`su.te',`
su_per_userdomain_template(sysadm,unconfined_t,system_r)
')
ifdef(`TODO',` ifdef(`TODO',`
ifdef(`samba.te', `samba_domain(user)') ifdef(`samba.te', `samba_domain(user)')

17
refpolicy/policy/modules/system/userdomain.if
View File

@ -1432,13 +1432,18 @@ template(`userdom_manage_user_tmp_sockets',`
## </param> ## </param>
# #
template(`userdom_use_user_terminals',` template(`userdom_use_user_terminals',`
gen_require(` ifdef(`targeted_policy',`
type $1_tty_device_t, $1_devpts_t; term_use_unallocated_tty($2)
') term_use_generic_pty($2)
',`
gen_require(`
type $1_tty_device_t, $1_devpts_t;
')
allow $2 $1_tty_device_t:chr_file rw_term_perms; allow $2 $1_tty_device_t:chr_file rw_term_perms;
allow $2 $1_devpts_t:chr_file rw_term_perms; allow $2 $1_devpts_t:chr_file rw_term_perms;
term_list_ptys($2) term_list_ptys($2)
')
') ')
######################################## ########################################