rpms/ladvd/devel ladvd-0.6.1-bonding.patch, NONE, 1.1 ladvd.fc, NONE, 1.1 ladvd.if, NONE, 1.1 ladvd.te, NONE, 1.1
Andreas Thienemann
ixs at fedoraproject.org
Wed Oct 29 07:01:53 UTC 2008
- Previous message: rpms/ladvd/devel ladvd.init, NONE, 1.1 ladvd.spec, NONE, 1.1 ladvd.sysconfig, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message: rpms/ladvd/devel ladvd.spec,1.1,1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: ixs
Update of /cvs/pkgs/rpms/ladvd/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv12897
Added Files:
ladvd-0.6.1-bonding.patch ladvd.fc ladvd.if ladvd.te
Log Message:
* Sat Oct 18 2008 Andreas Thienemann <andreas at bawue.net> 0.6.1-2
- Added SElinux support package
- Added patch to make it build on EL-4
- Added separate ladvd user
ladvd-0.6.1-bonding.patch:
--- NEW FILE ladvd-0.6.1-bonding.patch ---
--- src/netif.c 2008/10/19 19:17:36 329
+++ src/netif.c 2008/10/19 22:36:35 330
@@ -508,7 +508,7 @@
}
#endif /* HAVE_SYSFS */
-#ifdef HAVE_LINUX_IF_BONDING_H
+#if defined(HAVE_LINUX_IF_BONDING_H) && defined(BOND_MODE_8023AD)
strncpy(ifr->ifr_name, master->name, IFNAMSIZ);
memset(&ifbond, 0, sizeof(ifbond));
ifr->ifr_data = (char *)&ifbond;
@@ -517,7 +517,7 @@
if (ifbond.bond_mode == BOND_MODE_8023AD)
master->lacp = 1;
}
-#endif /* HAVE_LINUX_IF_BONDING_H */
+#endif /* HAVE_LINUX_IF_BONDING_H && BOND_MODE_8023AD */
if (master->lacp == 1)
my_log(INFO, "lacp enabled on %s", master->name);
--- NEW FILE ladvd.fc ---
/usr/sbin/ladvd -- gen_context(system_u:object_r:ladvd_exec_t,s0)
/etc/rc.d/init.d/ladvd -- gen_context(system_u:object_r:ladvd_script_exec_t,s0)
--- NEW FILE ladvd.if ---
## <summary>policy for ladvd</summary>
########################################
## <summary>
## Execute a domain transition to run ladvd.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed to transition.
## </summary>
## </param>
#
interface(`ladvd_domtrans',`
gen_require(`
type ladvd_t;
type ladvd_exec_t;
')
domtrans_pattern($1,ladvd_exec_t,ladvd_t)
')
########################################
## <summary>
## Execute ladvd server in the ladvd domain.
## </summary>
## <param name="domain">
## <summary>
## The type of the process performing this action.
## </summary>
## </param>
#
interface(`ladvd_script_domtrans',`
gen_require(`
type ladvd_script_exec_t;
')
init_script_domtrans_spec($1,ladvd_script_exec_t)
')
########################################
## <summary>
## All of the rules required to administrate
## an ladvd environment
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <param name="role">
## <summary>
## The role to be allowed to manage the ladvd domain.
## </summary>
## </param>
## <param name="terminal">
## <summary>
## The type of the user terminal.
## </summary>
## </param>
## <rolecap/>
#
interface(`ladvd_admin',`
gen_require(`
type ladvd_t;
')
allow $1 ladvd_t:process { ptrace signal_perms getattr };
read_files_pattern($1, ladvd_t, ladvd_t)
gen_require(`
type ladvd_script_exec_t;
')
# Allow ladvd_t to restart the apache service
ladvd_script_domtrans($1)
domain_system_change_exemption($1)
role_transition $2 ladvd_script_exec_t system_r;
allow $2 system_r;
')
--- NEW FILE ladvd.te ---
policy_module(ladvd,1.0.0)
require {
type net_conf_t;
type sysctl_net_t;
type var_run_t;
type ladvd_t;
type sysfs_t;
type sysctl_t;
class capability { setuid net_raw setgid };
class file { write getattr read lock create };
class netlink_route_socket { write getattr read bind create nlmsg_read };
class packet_socket { write create };
class lnk_file read;
class udp_socket { create ioctl };
class dir { write search add_name getattr };
}
########################################
#
# Declarations
#
type ladvd_t;
type ladvd_exec_t;
init_daemon_domain(ladvd_t, ladvd_exec_t)
type ladvd_script_exec_t;
init_script_file(ladvd_script_exec_t)
########################################
#
# ladvd local policy
#
# Init script handling
domain_use_interactive_fds(ladvd_t)
# internal communication is often done using fifo and unix sockets.
allow ladvd_t self:fifo_file rw_file_perms;
allow ladvd_t self:unix_stream_socket create_stream_socket_perms;
files_read_etc_files(ladvd_t)
libs_use_ld_so(ladvd_t)
libs_use_shared_libs(ladvd_t)
miscfiles_read_localization(ladvd_t)
logging_send_syslog_msg(ladvd_t)
allow ladvd_t net_conf_t:file { read getattr };
allow ladvd_t self:capability { setuid net_raw setgid };
allow ladvd_t self:netlink_route_socket { write getattr read bind create nlmsg_read };
allow ladvd_t self:packet_socket { write create };
allow ladvd_t self:udp_socket { create ioctl };
allow ladvd_t sysctl_net_t:dir search;
allow ladvd_t sysctl_net_t:file read;
allow ladvd_t sysctl_t:dir search;
allow ladvd_t sysfs_t:dir { search getattr };
allow ladvd_t sysfs_t:file { read getattr };
allow ladvd_t sysfs_t:lnk_file read;
allow ladvd_t var_run_t:dir { write add_name };
allow ladvd_t var_run_t:file { write lock create };
- Previous message: rpms/ladvd/devel ladvd.init, NONE, 1.1 ladvd.spec, NONE, 1.1 ladvd.sysconfig, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message: rpms/ladvd/devel ladvd.spec,1.1,1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list