[selinux-policy: 2484/3172] Fix cobbler_admin interface to require cobblerd_initrc_exec_t.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 22:40:44 UTC 2010
commit 183f79e38ec40f1296b9bf6b1569ce9a908b408d
Author: Dominick Grift <domg472 at gmail.com>
Date: Thu Mar 4 19:52:02 2010 +0100
Fix cobbler_admin interface to require cobblerd_initrc_exec_t.
As per: http://oss.tresys.com/pipermail/refpolicy/2010-March/002258.html
Signed-off-by: Dominick Grift <domg472 at gmail.com>
Signed-off-by: Chris PeBenito <cpebenito at tresys.com>
policy/modules/services/cobbler.if | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/policy/modules/services/cobbler.if b/policy/modules/services/cobbler.if
index 1f2c492..8ce15ef 100644
--- a/policy/modules/services/cobbler.if
+++ b/policy/modules/services/cobbler.if
@@ -161,7 +161,7 @@ interface(`cobbler_manage_lib_files',`
interface(`cobblerd_admin',`
gen_require(`
type cobblerd_t, cobbler_var_lib_t, cobbler_var_log_t;
- type cobbler_etc_t;
+ type cobbler_etc_t, cobblerd_initrc_exec_t;
')
allow $1 cobblerd_t:process { ptrace signal_perms getattr };
More information about the scm-commits
mailing list