[selinux-policy: 2427/3172] Minor tweaks and module version bump for 68cda59.

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 7 22:35:22 UTC 2010 

commit 102146088464561c6fff73cf42a3a6d93cc27463
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Tue Feb 23 13:58:18 2010 -0500

    Minor tweaks and module version bump for 68cda59.

 policy/modules/services/mysql.fc |    6 ++----
 policy/modules/services/mysql.if |    1 -
 policy/modules/services/mysql.te |   24 +++++++++++++-----------
 3 files changed, 15 insertions(+), 16 deletions(-)
---
diff --git a/policy/modules/services/mysql.fc b/policy/modules/services/mysql.fc
index f59c8d5..cc7192c 100644
--- a/policy/modules/services/mysql.fc
+++ b/policy/modules/services/mysql.fc
@@ -6,7 +6,7 @@
 /etc/my\.cnf		--	gen_context(system_u:object_r:mysqld_etc_t,s0)
 /etc/mysql(/.*)?		gen_context(system_u:object_r:mysqld_etc_t,s0)
 /etc/rc\.d/init\.d/mysqld --	gen_context(system_u:object_r:mysqld_initrc_exec_t,s0)
-/etc/rc\.d/init\.d/mysqlmanager	--	gen_context(system_u:object_r:mysqlmanagerd_initrc_exec_t,s0)
+/etc/rc\.d/init\.d/mysqlmanager -- gen_context(system_u:object_r:mysqlmanagerd_initrc_exec_t,s0)
 
 #
 # /usr
@@ -16,7 +16,6 @@
 /usr/libexec/mysqld	--	gen_context(system_u:object_r:mysqld_exec_t,s0)
 
 /usr/sbin/mysqld(-max)?	--	gen_context(system_u:object_r:mysqld_exec_t,s0)
-
 /usr/sbin/mysqlmanager	--	gen_context(system_u:object_r:mysqlmanagerd_exec_t,s0)
 
 #
@@ -28,5 +27,4 @@
 /var/log/mysql.*	--	gen_context(system_u:object_r:mysqld_log_t,s0)
 
 /var/run/mysqld(/.*)?		gen_context(system_u:object_r:mysqld_var_run_t,s0)
-
-/var/run/mysqld/mysqlmanager.*	--	gen_context(system_u:object_r:mysqlmanagerd_var_run_t,s0)
+/var/run/mysqld/mysqlmanager.* -- gen_context(system_u:object_r:mysqlmanagerd_var_run_t,s0)
diff --git a/policy/modules/services/mysql.if b/policy/modules/services/mysql.if
index a5e70e2..7d70e4f 100644
--- a/policy/modules/services/mysql.if
+++ b/policy/modules/services/mysql.if
@@ -246,7 +246,6 @@ interface(`mysql_write_log',`
 ##	Domain allowed access.
 ##	</summary>
 ## </param>
-##
 #
 interface(`mysql_read_pid_files',`
 	gen_require(`
diff --git a/policy/modules/services/mysql.te b/policy/modules/services/mysql.te
index a226060..2323ada 100644
--- a/policy/modules/services/mysql.te
+++ b/policy/modules/services/mysql.te
@@ -1,5 +1,5 @@
 
-policy_module(mysql, 1.11.1)
+policy_module(mysql, 1.11.2)
 
 ########################################
 #
@@ -32,11 +32,6 @@ logging_log_file(mysqld_log_t)
 type mysqld_tmp_t;
 files_tmp_file(mysqld_tmp_t)
 
-########################################
-#
-# MySQL Manager Declarations
-#
-
 type mysqlmanagerd_t;
 type mysqlmanagerd_exec_t;
 init_daemon_domain(mysqlmanagerd_t, mysqlmanagerd_exec_t)
@@ -182,6 +177,7 @@ mysql_write_log(mysqld_safe_t)
 #
 # MySQL Manager Policy
 #
+
 allow mysqlmanagerd_t self:capability { dac_override kill };
 allow mysqlmanagerd_t self:process signal;
 allow mysqlmanagerd_t self:fifo_file rw_fifo_file_perms;
@@ -195,8 +191,16 @@ mysql_search_db(mysqlmanagerd_t)
 mysql_signal(mysqlmanagerd_t)
 mysql_stream_connect(mysqlmanagerd_t)
 
+domtrans_pattern(mysqlmanagerd_t, mysqld_exec_t, mysqld_t)
+
+manage_files_pattern(mysqlmanagerd_t, mysqld_var_run_t, mysqlmanagerd_var_run_t)
+manage_sock_files_pattern(mysqlmanagerd_t, mysqld_var_run_t, mysqlmanagerd_var_run_t)
+filetrans_pattern(mysqlmanagerd_t, mysqld_var_run_t, mysqlmanagerd_var_run_t, { file sock_file })
+
 kernel_read_system_state(mysqlmanagerd_t)
+
 corecmd_exec_shell(mysqlmanagerd_t)
+
 corenet_all_recvfrom_unlabeled(mysqlmanagerd_t)
 corenet_all_recvfrom_netlabel(mysqlmanagerd_t)
 corenet_tcp_sendrecv_generic_if(mysqlmanagerd_t)
@@ -207,14 +211,12 @@ corenet_tcp_bind_mysqlmanagerd_port(mysqlmanagerd_t)
 corenet_tcp_connect_mysqlmanagerd_port(mysqlmanagerd_t)
 corenet_sendrecv_mysqlmanagerd_server_packets(mysqlmanagerd_var_run_t)
 corenet_sendrecv_mysqlmanagerd_client_packets(mysqlmanagerd_var_run_t)
+
 dev_read_urand(mysqlmanagerd_t)
+
 files_read_etc_files(mysqlmanagerd_t)
 files_read_usr_files(mysqlmanagerd_t)
 
 miscfiles_read_localization(mysqlmanagerd_t)
-userdom_getattr_user_home_dirs(mysqlmanagerd_t)
 
-domtrans_pattern(mysqlmanagerd_t, mysqld_exec_t, mysqld_t)
-filetrans_pattern(mysqlmanagerd_t, mysqld_var_run_t, mysqlmanagerd_var_run_t, { file sock_file })
-manage_files_pattern(mysqlmanagerd_t, mysqld_var_run_t, mysqlmanagerd_var_run_t)
-manage_sock_files_pattern(mysqlmanagerd_t, mysqld_var_run_t, mysqlmanagerd_var_run_t)
+userdom_getattr_user_home_dirs(mysqlmanagerd_t)

More information about the scm-commits mailing list