Add support for libselinux 2.0.5 init_selinuxmnt() changes.
This commit is contained in:
parent
cd548f7abc
commit
86d754eed6
@ -1,3 +1,4 @@
|
|||||||
|
- Add support for libselinux 2.0.5 init_selinuxmnt() changes.
|
||||||
- Patch for misc fixes to bluetooth from Dan Walsh.
|
- Patch for misc fixes to bluetooth from Dan Walsh.
|
||||||
- Patch for misc fixes to kerberos from Dan Walsh.
|
- Patch for misc fixes to kerberos from Dan Walsh.
|
||||||
- Patch to start deprecating usercanread attribute from Ryan Bradetich.
|
- Patch to start deprecating usercanread attribute from Ryan Bradetich.
|
||||||
|
@ -16,6 +16,15 @@
|
|||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
interface(`selinux_get_fs_mount',`
|
interface(`selinux_get_fs_mount',`
|
||||||
|
gen_require(`
|
||||||
|
type security_t;
|
||||||
|
')
|
||||||
|
|
||||||
|
# starting in libselinux 2.0.5, init_selinuxmnt() will
|
||||||
|
# attempt to short circuit by checking if SELINUXMNT
|
||||||
|
# (/selinux) is already a selinuxfs
|
||||||
|
allow $1 security_t:filesystem getattr;
|
||||||
|
|
||||||
# read /proc/filesystems to see if selinuxfs is supported
|
# read /proc/filesystems to see if selinuxfs is supported
|
||||||
# then read /proc/self/mount to see where selinuxfs is mounted
|
# then read /proc/self/mount to see where selinuxfs is mounted
|
||||||
kernel_read_system_state($1)
|
kernel_read_system_state($1)
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
|
|
||||||
policy_module(selinux,1.2.0)
|
policy_module(selinux,1.2.1)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
|
Loading…
Reference in New Issue
Block a user