Merge pull request #339 from 0xC0ncord/feature/sudodomain_http_connect_boolean
This commit is contained in:
commit
2e6d7b8cb9
@ -1,5 +1,16 @@
|
|||||||
policy_module(sudo, 1.15.0)
|
policy_module(sudo, 1.15.0)
|
||||||
|
|
||||||
|
## <desc>
|
||||||
|
## <p>
|
||||||
|
## Determine whether all sudo domains
|
||||||
|
## can connect to TCP HTTP ports. This
|
||||||
|
## is needed if an additional authentication
|
||||||
|
## mechanism via an HTTP server is
|
||||||
|
## required for users to use sudo.
|
||||||
|
## </p>
|
||||||
|
## </desc>
|
||||||
|
gen_tunable(sudo_all_tcp_connect_http_port, false)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
# Declarations
|
# Declarations
|
||||||
@ -7,3 +18,7 @@ attribute sudodomain;
|
|||||||
|
|
||||||
type sudo_exec_t;
|
type sudo_exec_t;
|
||||||
application_executable_file(sudo_exec_t)
|
application_executable_file(sudo_exec_t)
|
||||||
|
|
||||||
|
tunable_policy(`sudo_all_tcp_connect_http_port',`
|
||||||
|
corenet_tcp_connect_http_port(sudodomain)
|
||||||
|
')
|
||||||
|
Loading…
Reference in New Issue
Block a user