4976982e85
This small patch updates the dhcpc_t (DHCP client domain) to allow updating the kernel's routing tables (as that is a primary purpose of a DHCP client) as well as interact with the kernel through the net_sysctls. Also, one client (dhcpcd) uses /var/run/dhcpcd so add that in the file context definition as well. Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
68 lines
2.7 KiB
Plaintext
68 lines
2.7 KiB
Plaintext
|
|
#
|
|
# /bin
|
|
#
|
|
/bin/ip -- gen_context(system_u:object_r:ifconfig_exec_t,s0)
|
|
|
|
#
|
|
# /etc
|
|
#
|
|
/etc/dhclient.*conf -- gen_context(system_u:object_r:dhcp_etc_t,s0)
|
|
/etc/dhclient-script -- gen_context(system_u:object_r:dhcp_etc_t,s0)
|
|
/etc/dhcpc.* gen_context(system_u:object_r:dhcp_etc_t,s0)
|
|
/etc/dhcpd\.conf -- gen_context(system_u:object_r:dhcp_etc_t,s0)
|
|
/etc/dhcp/dhcpd\.conf -- gen_context(system_u:object_r:dhcp_etc_t,s0)
|
|
/etc/ethers -- gen_context(system_u:object_r:net_conf_t,s0)
|
|
/etc/hosts -- gen_context(system_u:object_r:net_conf_t,s0)
|
|
/etc/hosts\.deny.* -- gen_context(system_u:object_r:net_conf_t,s0)
|
|
/etc/denyhosts.* -- gen_context(system_u:object_r:net_conf_t,s0)
|
|
/etc/resolv\.conf.* -- gen_context(system_u:object_r:net_conf_t,s0)
|
|
/etc/yp\.conf.* -- gen_context(system_u:object_r:net_conf_t,s0)
|
|
|
|
/etc/dhcp3(/.*)? gen_context(system_u:object_r:dhcp_etc_t,s0)
|
|
/etc/dhcp3?/dhclient.* gen_context(system_u:object_r:dhcp_etc_t,s0)
|
|
|
|
ifdef(`distro_redhat',`
|
|
/etc/sysconfig/network-scripts/.*resolv\.conf -- gen_context(system_u:object_r:net_conf_t,s0)
|
|
/etc/sysconfig/networking(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
|
|
/etc/sysconfig/network-scripts(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
|
|
')
|
|
|
|
#
|
|
# /sbin
|
|
#
|
|
/sbin/dhclient.* -- gen_context(system_u:object_r:dhcpc_exec_t,s0)
|
|
/sbin/dhcdbd -- gen_context(system_u:object_r:dhcpc_exec_t,s0)
|
|
/sbin/dhcpcd -- gen_context(system_u:object_r:dhcpc_exec_t,s0)
|
|
/sbin/ethtool -- gen_context(system_u:object_r:ifconfig_exec_t,s0)
|
|
/sbin/ifconfig -- gen_context(system_u:object_r:ifconfig_exec_t,s0)
|
|
/sbin/ip -- gen_context(system_u:object_r:ifconfig_exec_t,s0)
|
|
/sbin/ipx_configure -- gen_context(system_u:object_r:ifconfig_exec_t,s0)
|
|
/sbin/ipx_interface -- gen_context(system_u:object_r:ifconfig_exec_t,s0)
|
|
/sbin/ipx_internal_net -- gen_context(system_u:object_r:ifconfig_exec_t,s0)
|
|
/sbin/iwconfig -- gen_context(system_u:object_r:ifconfig_exec_t,s0)
|
|
/sbin/mii-tool -- gen_context(system_u:object_r:ifconfig_exec_t,s0)
|
|
/sbin/pump -- gen_context(system_u:object_r:dhcpc_exec_t,s0)
|
|
/sbin/tc -- gen_context(system_u:object_r:ifconfig_exec_t,s0)
|
|
|
|
#
|
|
# /usr
|
|
#
|
|
/usr/sbin/tc -- gen_context(system_u:object_r:ifconfig_exec_t,s0)
|
|
|
|
#
|
|
# /var
|
|
#
|
|
/var/lib/dhcp3? -d gen_context(system_u:object_r:dhcp_state_t,s0)
|
|
/var/lib/dhcp3?/dhclient.* gen_context(system_u:object_r:dhcpc_state_t,s0)
|
|
/var/lib/dhcpcd(/.*)? gen_context(system_u:object_r:dhcpc_state_t,s0)
|
|
/var/lib/dhclient(/.*)? gen_context(system_u:object_r:dhcpc_state_t,s0)
|
|
/var/lib/wifiroamd(/.*)? gen_context(system_u:object_r:dhcpc_state_t,s0)
|
|
|
|
/var/run/dhclient.* -- gen_context(system_u:object_r:dhcpc_var_run_t,s0)
|
|
/var/run/dhcpcd(/.*)? gen_context(system_u:object_r:dhcpc_var_run_t,s0)
|
|
|
|
ifdef(`distro_gentoo',`
|
|
/var/lib/dhcpc(/.*)? gen_context(system_u:object_r:dhcpc_state_t,s0)
|
|
')
|