[selinux-policy: 2408/3172] Move netlink route sockets from nsswitch to DNS name resolve.

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 7 22:33:43 UTC 2010 

commit aadcb968f9a848f3ee9e1bb8f995e7f603e1c4f5
Author: Chris PeBenito <pebenito at gentoo.org>
Date:   Wed Feb 17 20:28:59 2010 -0500

    Move netlink route sockets from nsswitch to DNS name resolve.

 policy/modules/system/authlogin.if  |    2 --
 policy/modules/system/authlogin.te  |    2 +-
 policy/modules/system/sysnetwork.if |    1 +
 policy/modules/system/sysnetwork.te |    2 +-
 4 files changed, 3 insertions(+), 4 deletions(-)
---
diff --git a/policy/modules/system/authlogin.if b/policy/modules/system/authlogin.if
index 8d1d529..8a89f59 100644
--- a/policy/modules/system/authlogin.if
+++ b/policy/modules/system/authlogin.if
@@ -1378,8 +1378,6 @@ interface(`auth_manage_login_records',`
 #
 interface(`auth_use_nsswitch',`
 
-	allow $1 self:netlink_route_socket r_netlink_socket_perms;
-
 	files_list_var_lib($1)
 
 	# read /etc/nsswitch.conf
diff --git a/policy/modules/system/authlogin.te b/policy/modules/system/authlogin.te
index bd629c2..b883897 100644
--- a/policy/modules/system/authlogin.te
+++ b/policy/modules/system/authlogin.te
@@ -1,5 +1,5 @@
 
-policy_module(authlogin, 2.1.0)
+policy_module(authlogin, 2.1.1)
 
 ########################################
 #
diff --git a/policy/modules/system/sysnetwork.if b/policy/modules/system/sysnetwork.if
index a0cd508..43fc19b 100644
--- a/policy/modules/system/sysnetwork.if
+++ b/policy/modules/system/sysnetwork.if
@@ -543,6 +543,7 @@ interface(`sysnet_dns_name_resolve',`
 
 	allow $1 self:tcp_socket create_socket_perms;
 	allow $1 self:udp_socket create_socket_perms;
+	allow $1 self:netlink_route_socket r_netlink_socket_perms;
 
 	corenet_all_recvfrom_unlabeled($1)
 	corenet_all_recvfrom_netlabel($1)
diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te
index ab083b9..90e8bc7 100644
--- a/policy/modules/system/sysnetwork.te
+++ b/policy/modules/system/sysnetwork.te
@@ -1,5 +1,5 @@
 
-policy_module(sysnetwork, 1.10.1)
+policy_module(sysnetwork, 1.10.2)
 
 ########################################
 #

More information about the scm-commits mailing list