[selinux-policy: 699/3172] rework nis_use_ypbind since optionals dont work in conditionals
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 20:05:20 UTC 2010
commit b9ae3aab3919662a95d3766829fe6fa53bb68b04
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Fri Sep 23 22:14:54 2005 +0000
rework nis_use_ypbind since optionals dont work in conditionals
refpolicy/policy/modules/services/nis.if | 8 +++++---
1 files changed, 5 insertions(+), 3 deletions(-)
---
diff --git a/refpolicy/policy/modules/services/nis.if b/refpolicy/policy/modules/services/nis.if
index 27328b3..2a2a5fd 100644
--- a/refpolicy/policy/modules/services/nis.if
+++ b/refpolicy/policy/modules/services/nis.if
@@ -45,12 +45,14 @@ interface(`nis_use_ypbind',`
corenet_dontaudit_tcp_connect_all_reserved_ports($1)
sysnet_read_config($1)
+ ',`
+ dontaudit $1 var_yp_t:dir search;
+ ')
- optional_policy(`mount.te',`
+ optional_policy(`mount.te',`
+ tunable_policy(`allow_ypbind',`
mount_send_nfs_client_request($1)
')
- ',`
- dontaudit $1 var_yp_t:dir search;
')
')
More information about the scm-commits
mailing list