[selinux-policy: 2844/3172] Allow hald to transition to netutils Block signal via mcs systems
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 23:13:10 UTC 2010
commit 079779a6348463d3ed8be0220014776db9763d19
Author: Dan Walsh <dwalsh at redhat.com>
Date: Mon Aug 30 15:15:03 2010 -0400
Allow hald to transition to netutils
Block signal via mcs systems
policy/mcs | 2 +-
policy/modules/services/hal.te | 2 ++
2 files changed, 3 insertions(+), 1 deletions(-)
---
diff --git a/policy/mcs b/policy/mcs
index ebe5833..fbd2c40 100644
--- a/policy/mcs
+++ b/policy/mcs
@@ -98,7 +98,7 @@ mlsconstrain process { transition dyntransition }
mlsconstrain process { ptrace }
(( h1 dom h2) or ( t1 == mcsptraceall ));
-mlsconstrain process { sigkill sigstop }
+mlsconstrain process { signal sigkill sigstop }
(( h1 dom h2 ) or ( t1 == mcskillall ));
#
diff --git a/policy/modules/services/hal.te b/policy/modules/services/hal.te
index 0a54d67..188cd75 100644
--- a/policy/modules/services/hal.te
+++ b/policy/modules/services/hal.te
@@ -226,6 +226,8 @@ sysnet_signal_dhcpc(hald_t)
userdom_dontaudit_use_unpriv_user_fds(hald_t)
userdom_dontaudit_search_user_home_dirs(hald_t)
+netutils_domtrans(hald_t)
+
optional_policy(`
alsa_domtrans(hald_t)
alsa_read_rw_config(hald_t)
More information about the scm-commits
mailing list