[selinux-policy: 1434/3172] fixes from testing

[Daniel J Walsh]

commit f827eb63206a8e7716104440f7f59e2d2fbb02be
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Tue May 9 20:13:25 2006 +0000

    fixes from testing

 refpolicy/policy/modules/apps/vmware.if |    2 ++
 refpolicy/policy/modules/apps/vmware.te |    3 +++
 2 files changed, 5 insertions(+), 0 deletions(-)
---
diff --git a/refpolicy/policy/modules/apps/vmware.if b/refpolicy/policy/modules/apps/vmware.if
index d7dc420..1f63d96 100644
--- a/refpolicy/policy/modules/apps/vmware.if
+++ b/refpolicy/policy/modules/apps/vmware.if
@@ -139,6 +139,7 @@ template(`vmware_per_userdomain_template',`
 	files_read_etc_files($1_vmware_t)
 	files_read_etc_runtime_files($1_vmware_t)
 	files_read_usr_files($1_vmware_t)
+	files_list_home($1_vmware_t)
 
 	fs_getattr_xattr_fs($1_vmware_t)
 	fs_search_auto_mountpoints($1_vmware_t)
@@ -157,6 +158,7 @@ template(`vmware_per_userdomain_template',`
 
 	userdom_use_user_terminals($1,$1_vmware_t)
 	userdom_use_unpriv_users_fds($1_vmware_t)
+	userdom_list_user_home_dirs($1,$1_vmware_t)
 	# cjp: why?
 	userdom_read_user_home_content_files($1,$1_vmware_t)
 
diff --git a/refpolicy/policy/modules/apps/vmware.te b/refpolicy/policy/modules/apps/vmware.te
index fd47f51..151d2fa 100644
--- a/refpolicy/policy/modules/apps/vmware.te
+++ b/refpolicy/policy/modules/apps/vmware.te
@@ -30,6 +30,7 @@ files_pid_file(vmware_var_run_t)
 allow vmware_host_t self:capability { setuid net_raw };
 dontaudit vmware_host_t self:capability sys_tty_config;
 allow vmware_host_t self:process signal_perms;
+allow vmware_host_t self:fifo_file rw_file_perms;
 allow vmware_host_t self:unix_stream_socket create_stream_socket_perms;
 allow vmware_host_t self:rawip_socket create_socket_perms;
 
@@ -73,6 +74,8 @@ logging_send_syslog_msg(vmware_host_t)
 
 miscfiles_read_localization(vmware_host_t)
 
+sysnet_dns_name_resolve(vmware_host_t)
+
 userdom_dontaudit_use_unpriv_user_fds(vmware_host_t)
 userdom_dontaudit_search_sysadm_home_dirs(vmware_host_t)