nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rearrange lines in alsa an mysql.

Browse Source
This commit is contained in:
Chris PeBenito 2010-03-12 08:59:23 -05:00
parent e172614b57
commit 9e506eb236
3 changed files with 25 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
policy/modules/admin/alsa.te
View File

@ -41,8 +41,6 @@ files_search_var_lib(alsa_t)
kernel_read_system_state(alsa_t) kernel_read_system_state(alsa_t)
term_dontaudit_use_console(alsa_t)
dev_read_sound(alsa_t) dev_read_sound(alsa_t)
dev_write_sound(alsa_t) dev_write_sound(alsa_t)
dev_read_sysfs(alsa_t) dev_read_sysfs(alsa_t)
@ -53,6 +51,8 @@ files_search_home(alsa_t)
files_read_etc_files(alsa_t) files_read_etc_files(alsa_t)
files_read_usr_files(alsa_t) files_read_usr_files(alsa_t)
term_dontaudit_use_console(alsa_t)
auth_use_nsswitch(alsa_t) auth_use_nsswitch(alsa_t)
init_use_fds(alsa_t) init_use_fds(alsa_t)

36
policy/modules/services/mysql.if
View File

@ -18,24 +18,6 @@ interface(`mysql_domtrans',`
domtrans_pattern($1, mysqld_exec_t, mysqld_t) domtrans_pattern($1, mysqld_exec_t, mysqld_t)
') ')
######################################
## <summary>
## Execute MySQL server in the mysql domain.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`mysql_domtrans_mysql_safe',`
gen_require(`
type mysqld_safe_t, mysqld_safe_exec_t;
')
domtrans_pattern($1, mysqld_safe_exec_t, mysqld_safe_t)
')
######################################## ########################################
## <summary> ## <summary>
## Send a generic signal to MySQL. ## Send a generic signal to MySQL.
@ -273,6 +255,24 @@ interface(`mysql_write_log',`
allow $1 mysqld_log_t:file { write_file_perms setattr }; allow $1 mysqld_log_t:file { write_file_perms setattr };
') ')
######################################
## <summary>
## Execute MySQL server in the mysql domain.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`mysql_domtrans_mysql_safe',`
gen_require(`
type mysqld_safe_t, mysqld_safe_exec_t;
')
domtrans_pattern($1, mysqld_safe_exec_t, mysqld_safe_t)
')
##################################### #####################################
## <summary> ## <summary>
## Read MySQL PID files. ## Read MySQL PID files.

11
policy/modules/services/mysql.te
View File

@ -167,12 +167,6 @@ allow mysqld_safe_t mysqld_log_t:file manage_file_perms;
manage_files_pattern(mysqld_safe_t, mysqld_var_run_t, mysqld_var_run_t) manage_files_pattern(mysqld_safe_t, mysqld_var_run_t, mysqld_var_run_t)
delete_sock_files_pattern(mysqld_safe_t, mysqld_var_run_t, mysqld_var_run_t) delete_sock_files_pattern(mysqld_safe_t, mysqld_var_run_t, mysqld_var_run_t)
domain_read_all_domains_state(mysqld_safe_t)
files_dontaudit_getattr_all_dirs(mysqld_safe_t)
logging_log_filetrans(mysqld_safe_t, mysqld_log_t, file)
kernel_read_system_state(mysqld_safe_t) kernel_read_system_state(mysqld_safe_t)
kernel_read_kernel_sysctls(mysqld_safe_t) kernel_read_kernel_sysctls(mysqld_safe_t)
@ -180,8 +174,13 @@ corecmd_exec_bin(mysqld_safe_t)
dev_list_sysfs(mysqld_safe_t) dev_list_sysfs(mysqld_safe_t)
domain_read_all_domains_state(mysqld_safe_t)
files_read_etc_files(mysqld_safe_t) files_read_etc_files(mysqld_safe_t)
files_read_usr_files(mysqld_safe_t) files_read_usr_files(mysqld_safe_t)
files_dontaudit_getattr_all_dirs(mysqld_safe_t)
logging_log_filetrans(mysqld_safe_t, mysqld_log_t, file)
hostname_exec(mysqld_safe_t) hostname_exec(mysqld_safe_t)