[selinux-policy: 2543/3172] Modutils patch from Dan Walsh.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 22:46:02 UTC 2010
commit d13c6758a4626a244ccc1a6675befbfccf04c796
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Wed Mar 17 11:59:14 2010 -0400
Modutils patch from Dan Walsh.
policy/modules/system/modutils.te | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
---
diff --git a/policy/modules/system/modutils.te b/policy/modules/system/modutils.te
index a8aea1c..fb0dea9 100644
--- a/policy/modules/system/modutils.te
+++ b/policy/modules/system/modutils.te
@@ -1,5 +1,5 @@
-policy_module(modutils, 1.9.2)
+policy_module(modutils, 1.9.3)
gen_require(`
bool secure_mode_insmod;
@@ -136,7 +136,6 @@ corecmd_exec_bin(insmod_t)
corecmd_exec_shell(insmod_t)
dev_rw_sysfs(insmod_t)
-dev_mount_usbfs(insmod_t)
dev_search_usbfs(insmod_t)
dev_rw_mtrr(insmod_t)
dev_read_urand(insmod_t)
@@ -161,6 +160,7 @@ files_dontaudit_search_isid_type_dirs(insmod_t)
files_write_kernel_modules(insmod_t)
fs_getattr_xattr_fs(insmod_t)
+fs_dontaudit_use_tmpfs_chr_dev(insmod_t)
init_rw_initctl(insmod_t)
init_use_fds(insmod_t)
@@ -232,6 +232,7 @@ optional_policy(`
optional_policy(`
unconfined_domain(insmod_t)
+ unconfined_dontaudit_rw_pipes(insmod_t)
')
optional_policy(`
More information about the scm-commits
mailing list