[selinux-policy: 3129/3172] Use domtrans_pattern where possible.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 23:38:16 UTC 2010
commit 3c4ffa329400074feffe640f7af10b6f20e807ea
Author: Dominick Grift <domg472 at gmail.com>
Date: Fri Sep 24 10:19:19 2010 +0200
Use domtrans_pattern where possible.
policy/modules/services/ssh.te | 5 +----
1 files changed, 1 insertions(+), 4 deletions(-)
---
diff --git a/policy/modules/services/ssh.te b/policy/modules/services/ssh.te
index 5315f9b..c1c7393 100644
--- a/policy/modules/services/ssh.te
+++ b/policy/modules/services/ssh.te
@@ -180,10 +180,7 @@ userdom_write_user_tmp_files(ssh_t)
userdom_read_user_home_content_symlinks(ssh_t)
tunable_policy(`allow_ssh_keysign',`
- domain_auto_trans(ssh_t, ssh_keysign_exec_t, ssh_keysign_t)
- allow ssh_keysign_t ssh_t:fd use;
- allow ssh_keysign_t ssh_t:process sigchld;
- allow ssh_keysign_t ssh_t:fifo_file rw_file_perms;
+ domtrans_pattern(ssh_t, ssh_keysign_exec_t, ssh_keysign_t)
')
tunable_policy(`use_nfs_home_dirs',`
More information about the scm-commits
mailing list