[selinux-policy: 1005/3172] fix kerberos_use, which turned out to be a problem in dns_reslove
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 20:31:51 UTC 2010
commit 574e63fabc1fd2a9ad1dfdf68643e269f4bde6f2
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Tue Nov 29 15:36:53 2005 +0000
fix kerberos_use, which turned out to be a problem in dns_reslove
refpolicy/policy/modules/services/radius.te | 1 +
refpolicy/policy/modules/system/sysnetwork.if | 2 +-
2 files changed, 2 insertions(+), 1 deletions(-)
---
diff --git a/refpolicy/policy/modules/services/radius.te b/refpolicy/policy/modules/services/radius.te
index cb79790..66574c4 100644
--- a/refpolicy/policy/modules/services/radius.te
+++ b/refpolicy/policy/modules/services/radius.te
@@ -73,6 +73,7 @@ fs_search_auto_mountpoints(radiusd_t)
term_dontaudit_use_console(radiusd_t)
auth_read_shadow(radiusd_t)
+auth_domtrans_chk_passwd(radiusd_t)
corecmd_exec_bin(radiusd_t)
corecmd_exec_shell(radiusd_t)
diff --git a/refpolicy/policy/modules/system/sysnetwork.if b/refpolicy/policy/modules/system/sysnetwork.if
index 42f145b..386661c 100644
--- a/refpolicy/policy/modules/system/sysnetwork.if
+++ b/refpolicy/policy/modules/system/sysnetwork.if
@@ -419,7 +419,7 @@ interface(`sysnet_dns_name_resolve',`
corenet_tcp_sendrecv_all_nodes($1)
corenet_udp_sendrecv_all_nodes($1)
corenet_raw_sendrecv_all_nodes($1)
- corenet_tcp_sendrecv_all_ports($1)
+ corenet_tcp_sendrecv_dns_port($1)
corenet_udp_sendrecv_dns_port($1)
corenet_tcp_bind_all_nodes($1)
corenet_udp_bind_all_nodes($1)
More information about the scm-commits
mailing list