[selinux-policy: 1567/3172] fix cron_system_entry() rules
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 21:20:39 UTC 2010
commit 3573908f1c77c5f8abbb952e949d8aa34b5de3c1
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Wed Aug 16 13:52:18 2006 +0000
fix cron_system_entry() rules
policy/modules/services/cron.if | 3 ++-
policy/modules/services/cron.te | 2 +-
2 files changed, 3 insertions(+), 2 deletions(-)
---
diff --git a/policy/modules/services/cron.if b/policy/modules/services/cron.if
index 88033ab..e3b1abc 100644
--- a/policy/modules/services/cron.if
+++ b/policy/modules/services/cron.if
@@ -322,7 +322,6 @@ interface(`cron_system_entry',`
# cjp: perhaps these four rules from the old
# domain_auto_trans are not needed?
- allow system_crond_t $1:fd use;
allow $1 system_crond_t:fd use;
allow $1 system_crond_t:fifo_file rw_file_perms;
allow $1 system_crond_t:process sigchld;
@@ -330,6 +329,8 @@ interface(`cron_system_entry',`
allow $1 crond_t:fifo_file rw_file_perms;
allow $1 crond_t:fd use;
allow $1 crond_t:process sigchld;
+
+ role system_r types $1;
')
########################################
diff --git a/policy/modules/services/cron.te b/policy/modules/services/cron.te
index 3b48afb..3ee3cf3 100644
--- a/policy/modules/services/cron.te
+++ b/policy/modules/services/cron.te
@@ -1,5 +1,5 @@
-policy_module(cron,1.3.9)
+policy_module(cron,1.3.10)
gen_require(`
class passwd rootok;
More information about the scm-commits
mailing list