[selinux-policy] Use proper interface

Miroslav Grepl mgrepl at fedoraproject.org
Tue Sep 27 18:17:42 UTC 2011 

commit 37ce30c21dd8f28de078a7ec5ec819ad065e19f9
Author: Miroslav <mgrepl at redhat.com>
Date:   Tue Sep 27 20:17:22 2011 +0200

    Use proper interface

 ephemeral.patch |   12 ++++++------
 1 files changed, 6 insertions(+), 6 deletions(-)
---
diff --git a/ephemeral.patch b/ephemeral.patch
index 76fa8e2..9657a26 100644
--- a/ephemeral.patch
+++ b/ephemeral.patch
@@ -6,7 +6,7 @@ index 68929b9..3370160 100644
  corenet_tcp_sendrecv_squid_port(mozilla_t)
  corenet_tcp_connect_flash_port(mozilla_t)
  corenet_tcp_sendrecv_ftp_port(mozilla_t)
-+corenet_tcp_connect_ephemeral_port(mozilla_t)
++corenet_tcp_connect_all_ephemeral_ports(mozilla_t)
  corenet_tcp_sendrecv_ipp_port(mozilla_t)
  corenet_tcp_connect_http_port(mozilla_t)
  corenet_tcp_connect_http_cache_port(mozilla_t)
@@ -18,7 +18,7 @@ index 31c02d2..f61ee10 100644
  corenet_tcp_connect_squid_port(sandbox_web_type)
  corenet_tcp_connect_flash_port(sandbox_web_type)
  corenet_tcp_connect_ftp_port(sandbox_web_type)
-+corenet_tcp_connect_ephemeral_port(sandbox_web_type)
++corenet_tcp_connect_all_ephemeral_ports(sandbox_web_type)
  corenet_tcp_connect_ipp_port(sandbox_web_type)
  corenet_tcp_connect_streaming_port(sandbox_web_type)
  corenet_tcp_connect_pulseaudio_port(sandbox_web_type)
@@ -183,7 +183,7 @@ index 8596b90..9f37c11 100644
  	corenet_sendrecv_http_client_packets(httpd_t)
  	corenet_sendrecv_http_cache_client_packets(httpd_t)
  	corenet_sendrecv_squid_client_packets(httpd_t)
-+	corenet_tcp_connect_ephemeral_port(httpd_t)
++	corenet_tcp_connect_all_ephemeral_ports(httpd_t)
  ')
  
  tunable_policy(`httpd_execmem',`
@@ -193,7 +193,7 @@ index 8596b90..9f37c11 100644
  
 +tunable_policy(`httpd_can_network_connect_ftp',`
 +	corenet_tcp_connect_ftp_port(httpd_t)
-+	corenet_tcp_connect_ephemeral_port(httpd_t)
++	corenet_tcp_connect_all_ephemeral_ports(httpd_t)
 +')
 +
  tunable_policy(`httpd_enable_ftp_server',`
@@ -210,7 +210,7 @@ index 2607914..cb33e76 100644
  corenet_tcp_sendrecv_cobbler_port(cobblerd_t)
  # sync and rsync to ftp and http are permitted by default, for any other media use cobbler_can_network_connect.
  corenet_tcp_connect_ftp_port(cobblerd_t)
-+corenet_tcp_connect_ephemeral_port(ftpd_t)
++corenet_tcp_connect_all_ephemeral_ports(ftpd_t)
  corenet_tcp_sendrecv_ftp_port(cobblerd_t)
  corenet_sendrecv_ftp_client_packets(cobblerd_t)
  corenet_tcp_connect_http_port(cobblerd_t)
@@ -239,7 +239,7 @@ index 1b9893a..a8eaa4d 100644
  corenet_tcp_connect_http_port(mock_t)
  corenet_tcp_connect_ftp_port(mock_t)
 -corenet_tcp_connect_all_unreserved_ports(mock_t)
-+corenet_tcp_connect_ephemeral_port(mock_t)
++corenet_tcp_connect_all_ephemeral_ports(mock_t)
  
  dev_read_urand(mock_t)
  dev_read_sysfs(mock_t)

More information about the scm-commits mailing list