[selinux-policy/f14/master: 3170/3230] bootloader: search parent.
Daniel J Walsh
dwalsh at fedoraproject.org
Tue Oct 12 20:13:43 UTC 2010
commit ace98b78df51f18373eb2b2cee143078f7ea1114
Author: Dominick Grift <domg472 at gmail.com>
Date: Mon Oct 4 20:23:15 2010 +0200
bootloader: search parent.
Signed-off-by: Dominick Grift <domg472 at gmail.com>
policy/modules/admin/bootloader.if | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
---
diff --git a/policy/modules/admin/bootloader.if b/policy/modules/admin/bootloader.if
index ebe8570..90b5e3a 100644
--- a/policy/modules/admin/bootloader.if
+++ b/policy/modules/admin/bootloader.if
@@ -15,6 +15,7 @@ interface(`bootloader_domtrans',`
type bootloader_t, bootloader_exec_t;
')
+ corecmd_search_bin($1)
domtrans_pattern($1, bootloader_exec_t, bootloader_t)
')
@@ -105,6 +106,7 @@ interface(`bootloader_rw_tmp_files',`
')
# FIXME: read tmp_t dir
+ files_search_tmp($1)
allow $1 bootloader_tmp_t:file rw_file_perms;
')
More information about the scm-commits
mailing list