[selinux-policy: 2866/3172] Merge branches 'master', 'master' and 'master' of http://oss.tresys.com/git/refpolicy
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 23:15:14 UTC 2010
commit cdda8feee002771a0fec76c5588aedec59edf92e
Merge: ef98a37 28d96f0
Author: Dan Walsh <dwalsh at redhat.com>
Date: Fri Sep 3 17:16:08 2010 -0400
Merge branches 'master', 'master' and 'master' of http://oss.tresys.com/git/refpolicy
Conflicts:
policy/modules/admin/alsa.fc
policy/modules/admin/alsa.if
policy/modules/kernel/filesystem.fc
policy/modules/admin/alsa.fc | 2 -
policy/modules/admin/alsa.if | 47 +++++++++++++++++++++++++++++------
policy/modules/admin/alsa.te | 3 +-
policy/modules/kernel/filesystem.fc | 1 +
policy/modules/kernel/filesystem.if | 8 ++++++
policy/modules/kernel/filesystem.te | 2 +-
6 files changed, 50 insertions(+), 13 deletions(-)
---
diff --cc policy/modules/admin/alsa.if
index 090b5c9,69aa742..30bfb08
--- a/policy/modules/admin/alsa.if
+++ b/policy/modules/admin/alsa.if
@@@ -73,7 -74,10 +74,11 @@@ interface(`alsa_read_rw_config',
allow $1 alsa_etc_rw_t:dir list_dir_perms;
read_files_pattern($1, alsa_etc_rw_t, alsa_etc_rw_t)
read_lnk_files_pattern($1, alsa_etc_rw_t, alsa_etc_rw_t)
+ files_search_etc($1)
+
+ ifdef(`distro_debian',`
+ files_search_usr($1)
+ ')
')
########################################
@@@ -94,12 -99,34 +100,36 @@@ interface(`alsa_manage_rw_config',
allow $1 alsa_etc_rw_t:dir list_dir_perms;
manage_files_pattern($1, alsa_etc_rw_t, alsa_etc_rw_t)
read_lnk_files_pattern($1, alsa_etc_rw_t, alsa_etc_rw_t)
+ files_search_etc($1)
+
+ ifdef(`distro_debian',`
+ files_search_usr($1)
+ ')
')
########################################
## <summary>
- ## Read alsa lib files.
+ ## Read Alsa home files.
+ ## </summary>
+ ## <param name="domain">
+ ## <summary>
+ ## Domain allowed access.
+ ## </summary>
+ ## </param>
+ #
+ interface(`alsa_read_home_files',`
+ gen_require(`
+ type alsa_home_t;
+ ')
+
+ userdom_search_user_home_dirs($1)
+ allow $1 alsa_home_t:file read_file_perms;
++>>>>>>> .merge_file_D1FKe3
+ ')
+
+ ########################################
+ ## <summary>
+ ## Read Alsa lib files.
## </summary>
## <param name="domain">
## <summary>
@@@ -112,25 -139,6 +142,26 @@@ interface(`alsa_read_lib',
type alsa_var_lib_t;
')
+ files_search_var_lib($1)
read_files_pattern($1, alsa_var_lib_t, alsa_var_lib_t)
+ files_search_var_lib($1)
+')
+
+########################################
+## <summary>
+## Read alsa home files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`alsa_read_home_files',`
+ gen_require(`
+ type alsa_home_t;
+ ')
+
+ allow $1 alsa_home_t:file read_file_perms;
+ userdom_search_user_home_dirs($1)
')
diff --cc policy/modules/kernel/filesystem.fc
index 41dfd80,59bae6a..e9a09e1
--- a/policy/modules/kernel/filesystem.fc
+++ b/policy/modules/kernel/filesystem.fc
@@@ -1,4 -1,6 +1,5 @@@
/dev/shm -d gen_context(system_u:object_r:tmpfs_t,s0)
+ /dev/shm/.* <<none>>
-/cgroup -d gen_context(system_u:object_r:cgroup_t,s0)
-
-/sys/fs/cgroup(/.*)? <<none>>
+/cgroup(/.*)? gen_context(system_u:object_r:cgroup_t,s0)
+/sys/fs/cgroup(/.*)? <<none>>
More information about the scm-commits
mailing list