[selinux-policy: 2554/3172] Zebra patch from Dan Walsh.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 22:47:01 UTC 2010
commit bed0a44560f8f12a68ccd2de5f1a5951d18c17c9
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Fri Mar 19 15:45:25 2010 -0400
Zebra patch from Dan Walsh.
policy/modules/services/zebra.if | 22 +++++++++++++++++++++-
policy/modules/services/zebra.te | 2 +-
2 files changed, 22 insertions(+), 2 deletions(-)
---
diff --git a/policy/modules/services/zebra.if b/policy/modules/services/zebra.if
index cc3eb84..6b87605 100644
--- a/policy/modules/services/zebra.if
+++ b/policy/modules/services/zebra.if
@@ -24,7 +24,27 @@ interface(`zebra_read_config',`
########################################
## <summary>
-## All of the rules required to administrate
+## Connect to zebra over an unix stream socket.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`zebra_stream_connect',`
+ gen_require(`
+ type zebra_t, zebra_var_run_t;
+ ')
+
+ files_search_pids($1)
+ allow $1 zebra_var_run_t:sock_file write;
+ allow $1 zebra_t:unix_stream_socket connectto;
+')
+
+########################################
+## <summary>
+## All of the rules required to administrate
## an zebra environment
## </summary>
## <param name="domain">
diff --git a/policy/modules/services/zebra.te b/policy/modules/services/zebra.te
index b6ea7dd..c23f9a1 100644
--- a/policy/modules/services/zebra.te
+++ b/policy/modules/services/zebra.te
@@ -1,5 +1,5 @@
-policy_module(zebra, 1.10.0)
+policy_module(zebra, 1.10.1)
########################################
#
More information about the scm-commits
mailing list