fix ordering of interface calls in init.
This commit is contained in:
parent
14d282253f
commit
464ffa57fd
@ -252,6 +252,8 @@ kernel_dontaudit_getattr_message_if(initrc_t)
|
||||
|
||||
files_read_kernel_symbol_table(initrc_t)
|
||||
|
||||
corecmd_exec_all_executables(initrc_t)
|
||||
|
||||
corenet_all_recvfrom_unlabeled(initrc_t)
|
||||
corenet_all_recvfrom_netlabel(initrc_t)
|
||||
corenet_tcp_sendrecv_all_if(initrc_t)
|
||||
@ -281,45 +283,6 @@ dev_manage_generic_files(initrc_t)
|
||||
# Wants to remove udev.tbl:
|
||||
dev_delete_generic_symlinks(initrc_t)
|
||||
|
||||
fs_register_binary_executable_type(initrc_t)
|
||||
# rhgb-console writes to ramfs
|
||||
fs_write_ramfs_pipes(initrc_t)
|
||||
# cjp: not sure why these are here; should use mount policy
|
||||
fs_mount_all_fs(initrc_t)
|
||||
fs_unmount_all_fs(initrc_t)
|
||||
fs_remount_all_fs(initrc_t)
|
||||
fs_getattr_all_fs(initrc_t)
|
||||
|
||||
# initrc_t needs to do a pidof which requires ptrace
|
||||
mcs_ptrace_all(initrc_t)
|
||||
mcs_killall(initrc_t)
|
||||
mcs_process_set_categories(initrc_t)
|
||||
|
||||
mls_file_read_all_levels(initrc_t)
|
||||
mls_file_write_all_levels(initrc_t)
|
||||
mls_process_read_up(initrc_t)
|
||||
mls_process_write_down(initrc_t)
|
||||
mls_rangetrans_source(initrc_t)
|
||||
mls_fd_share_all_levels(initrc_t)
|
||||
|
||||
selinux_get_enforce_mode(initrc_t)
|
||||
|
||||
storage_getattr_fixed_disk_dev(initrc_t)
|
||||
storage_setattr_fixed_disk_dev(initrc_t)
|
||||
storage_setattr_removable_dev(initrc_t)
|
||||
|
||||
term_use_all_terms(initrc_t)
|
||||
term_reset_tty_labels(initrc_t)
|
||||
|
||||
auth_rw_login_records(initrc_t)
|
||||
auth_setattr_login_records(initrc_t)
|
||||
auth_rw_lastlog(initrc_t)
|
||||
auth_read_pam_pid(initrc_t)
|
||||
auth_delete_pam_pid(initrc_t)
|
||||
auth_delete_pam_console_data(initrc_t)
|
||||
|
||||
corecmd_exec_all_executables(initrc_t)
|
||||
|
||||
domain_kill_all_domains(initrc_t)
|
||||
domain_signal_all_domains(initrc_t)
|
||||
domain_signull_all_domains(initrc_t)
|
||||
@ -362,6 +325,42 @@ files_mounton_isid_type_dirs(initrc_t)
|
||||
files_list_default(initrc_t)
|
||||
files_mounton_default(initrc_t)
|
||||
|
||||
fs_register_binary_executable_type(initrc_t)
|
||||
# rhgb-console writes to ramfs
|
||||
fs_write_ramfs_pipes(initrc_t)
|
||||
# cjp: not sure why these are here; should use mount policy
|
||||
fs_mount_all_fs(initrc_t)
|
||||
fs_unmount_all_fs(initrc_t)
|
||||
fs_remount_all_fs(initrc_t)
|
||||
fs_getattr_all_fs(initrc_t)
|
||||
|
||||
# initrc_t needs to do a pidof which requires ptrace
|
||||
mcs_ptrace_all(initrc_t)
|
||||
mcs_killall(initrc_t)
|
||||
mcs_process_set_categories(initrc_t)
|
||||
|
||||
mls_file_read_all_levels(initrc_t)
|
||||
mls_file_write_all_levels(initrc_t)
|
||||
mls_process_read_up(initrc_t)
|
||||
mls_process_write_down(initrc_t)
|
||||
mls_rangetrans_source(initrc_t)
|
||||
mls_fd_share_all_levels(initrc_t)
|
||||
|
||||
selinux_get_enforce_mode(initrc_t)
|
||||
|
||||
storage_getattr_fixed_disk_dev(initrc_t)
|
||||
storage_setattr_fixed_disk_dev(initrc_t)
|
||||
storage_setattr_removable_dev(initrc_t)
|
||||
|
||||
term_use_all_terms(initrc_t)
|
||||
term_reset_tty_labels(initrc_t)
|
||||
|
||||
auth_rw_login_records(initrc_t)
|
||||
auth_setattr_login_records(initrc_t)
|
||||
auth_rw_lastlog(initrc_t)
|
||||
auth_read_pam_pid(initrc_t)
|
||||
auth_delete_pam_pid(initrc_t)
|
||||
auth_delete_pam_console_data(initrc_t)
|
||||
auth_use_nsswitch(initrc_t)
|
||||
|
||||
libs_rw_ld_so_cache(initrc_t)
|
||||
|
Loading…
Reference in New Issue
Block a user