[selinux-policy: 2926/3172] courier patch from Dan Walsh
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 23:20:27 UTC 2010
commit 483be01302347bf2b513f420cd543a13d775ec5d
Author: Jeremy Solt <jsolt at tresys.com>
Date: Mon Aug 30 10:45:10 2010 -0400
courier patch from Dan Walsh
policy/modules/services/courier.if | 2 ++
policy/modules/services/courier.te | 1 +
2 files changed, 3 insertions(+), 0 deletions(-)
---
diff --git a/policy/modules/services/courier.if b/policy/modules/services/courier.if
index 37b03f6..9971337 100644
--- a/policy/modules/services/courier.if
+++ b/policy/modules/services/courier.if
@@ -38,10 +38,12 @@ template(`courier_domain_template',`
read_files_pattern(courier_$1_t, courier_etc_t, courier_etc_t)
allow courier_$1_t courier_etc_t:dir list_dir_perms;
+ manage_dirs_pattern(courier_$1_t, courier_var_run_t, courier_var_run_t)
manage_files_pattern(courier_$1_t, courier_var_run_t, courier_var_run_t)
manage_lnk_files_pattern(courier_$1_t, courier_var_run_t, courier_var_run_t)
manage_sock_files_pattern(courier_$1_t, courier_var_run_t, courier_var_run_t)
files_search_pids(courier_$1_t)
+ files_pid_filetrans(courier_$1_t, courier_var_run_t, dir)
kernel_read_system_state(courier_$1_t)
kernel_read_kernel_sysctls(courier_$1_t)
diff --git a/policy/modules/services/courier.te b/policy/modules/services/courier.te
index b96c242..72901d8 100644
--- a/policy/modules/services/courier.te
+++ b/policy/modules/services/courier.te
@@ -48,6 +48,7 @@ allow courier_authdaemon_t courier_tcpd_t:fifo_file rw_fifo_file_perms;
allow courier_authdaemon_t courier_tcpd_t:tcp_socket rw_stream_socket_perms;
allow courier_authdaemon_t courier_tcpd_t:unix_stream_socket rw_stream_socket_perms;
allow courier_authdaemon_t courier_tcpd_t:process sigchld;
+allow courier_authdaemon_t courier_tcpd_t:fd use;
allow courier_authdaemon_t courier_tcpd_t:tcp_socket rw_stream_socket_perms;
allow courier_authdaemon_t courier_tcpd_t:fifo_file rw_file_perms;
More information about the scm-commits
mailing list