Hi, I noticed the selinux-policy of Fedora is not updated to the
latest upstream refpolicy in type_transition rules.
The attached file is a diff set of services/postgresql.te between the
upstream and selinux-policy-3.10.0-55.
It drops the following type_transition rules:
type_transition postgresql_t sepgsql_database_type:db_schema sepgsql_schema_t;
type_transition postgresql_t sepgsql_schema_type:db_table sepgsql_sysobj_t;
type_transition postgresql_t sepgsql_schema_type:db_sequence sepgsql_seq_t;
type_transition postgresql_t sepgsql_schema_type:db_view sepgsql_view_t;
type_transition postgresql_t sepgsql_schema_type:db_procedure
sepgsql_proc_exec_t;
And, it defines the rules incorrectly.
-type_transition sepgsql_admin_type sepgsql_schema_type:db_sequence
sepgsql_seq_t;
+type_transition sepgsql_admin_type sepgsql_schema_type:db_schema sepgsql_seq_t;
-type_transition sepgsql_admin_type sepgsql_schema_type:db_view sepgsql_view_t;
+type_transition sepgsql_admin_type sepgsql_view_type:db_view sepgsql_view_t;
Please fix them. Thanks,
--
KaiGai Kohei <kaigai(a)kaigai.gr.jp>
Show replies by date