[selinux-policy: 1669/3172] Patch for kerberized ftp and other ftp fixes from Dan Walsh.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 21:29:19 UTC 2010
commit 09c56f549691c4d68bf103c86a60e5b12e9c27d8
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Wed Feb 28 17:01:47 2007 +0000
Patch for kerberized ftp and other ftp fixes from Dan Walsh.
Changelog | 1 +
policy/modules/services/ftp.te | 8 ++++++--
2 files changed, 7 insertions(+), 2 deletions(-)
---
diff --git a/Changelog b/Changelog
index c14a0d1..10e0d51 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,4 @@
+- Patch for kerberized ftp and other ftp fixes from Dan Walsh.
- Patch for an additional wine executable from Dan Walsh.
- Patch for additional games file contexts from Dan Walsh.
- Add support for libselinux 2.0.5 init_selinuxmnt() changes.
diff --git a/policy/modules/services/ftp.te b/policy/modules/services/ftp.te
index c4a5d18..8923635 100644
--- a/policy/modules/services/ftp.te
+++ b/policy/modules/services/ftp.te
@@ -1,5 +1,5 @@
-policy_module(ftp,1.4.1)
+policy_module(ftp,1.4.2)
########################################
#
@@ -125,7 +125,7 @@ auth_domtrans_chk_passwd(ftpd_t)
auth_append_login_records(ftpd_t)
#kerberized ftp requires the following
auth_write_login_records(ftpd_t)
-auth_append_faillog(ftpd_t)
+auth_rw_faillog(ftpd_t)
init_use_fds(ftpd_t)
init_use_script_ptys(ftpd_t)
@@ -236,6 +236,10 @@ optional_policy(`
')
optional_policy(`
+ kerberos_read_keytab(ftpd_t)
+')
+
+optional_policy(`
#reh: typeattributes not allowed in conditionals yet.
#tunable_policy(`! ftpd_is_daemon',`
# inetd_tcp_service_domain(ftpd_t,ftpd_exec_t)
More information about the scm-commits
mailing list