[selinux-policy: 1544/3172] remove setbool auditallow, except for distro_rhel4.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 21:18:41 UTC 2010
commit 133000c2860d49d04941db20773e6bcbf4f3bd98
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Thu Jul 13 14:22:21 2006 +0000
remove setbool auditallow, except for distro_rhel4.
Changelog | 1 +
policy/modules/kernel/selinux.if | 6 +++++-
policy/modules/kernel/selinux.te | 7 ++++++-
3 files changed, 12 insertions(+), 2 deletions(-)
---
diff --git a/Changelog b/Changelog
index c79ac18..8c4b73f 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,4 @@
+- Remove setbool auditallow, except for RHEL4.
- Change eventpollfs to task SID labeling.
- Add key support from Michael LeMay.
- Add ftpdctl domain to ftp, from Paul Howarth.
diff --git a/policy/modules/kernel/selinux.if b/policy/modules/kernel/selinux.if
index 08c2907..f080e2a 100644
--- a/policy/modules/kernel/selinux.if
+++ b/policy/modules/kernel/selinux.if
@@ -214,7 +214,11 @@ interface(`selinux_set_boolean',`
if(!secure_mode_policyload) {
allow $1 security_t:security setbool;
- auditallow $1 security_t:security setbool;
+
+ ifdef(`distro_rhel4',`
+ # needed for systems without audit support
+ auditallow $1 security_t:security setbool;
+ ')
}
')
diff --git a/policy/modules/kernel/selinux.te b/policy/modules/kernel/selinux.te
index 5d60938..b62940e 100644
--- a/policy/modules/kernel/selinux.te
+++ b/policy/modules/kernel/selinux.te
@@ -40,5 +40,10 @@ allow selinux_unconfined_type security_t:security ~{ load_policy setenforce setb
if(!secure_mode_policyload) {
allow selinux_unconfined_type security_t:security { load_policy setenforce setbool };
- auditallow selinux_unconfined_type security_t:security { load_policy setenforce setbool };
+ auditallow selinux_unconfined_type security_t:security { load_policy setenforce };
+
+ ifdef(`distro_rhel4',`
+ # needed for systems without audit support
+ auditallow selinux_unconfined_type security_t:security setbool;
+ ')
}
More information about the scm-commits
mailing list