[selinux-policy] Turn off F20 permissive domains, add docker
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Nov 21 14:12:19 UTC 2013
commit ae07faa14744b0a1b66d88bef29c391335c6f1f8
Author: Dan Walsh <dwalsh at redhat.com>
Date: Thu Nov 21 09:20:24 2013 -0500
Turn off F20 permissive domains, add docker
modules-targeted-contrib.conf | 7 ++++
permissivedomains.te | 67 +++-------------------------------------
2 files changed, 12 insertions(+), 62 deletions(-)
---
diff --git a/modules-targeted-contrib.conf b/modules-targeted-contrib.conf
index 7c66fb0..cc492db 100644
--- a/modules-targeted-contrib.conf
+++ b/modules-targeted-contrib.conf
@@ -574,6 +574,13 @@ dnsmasq = module
dnssec = module
# Layer: services
+# Module: docker
+#
+# Docker
+#
+docker = module
+
+# Layer: services
# Module: dovecot
#
# Dovecot POP and IMAP mail server
diff --git a/permissivedomains.te b/permissivedomains.te
index c864bad..e4771f9 100644
--- a/permissivedomains.te
+++ b/permissivedomains.te
@@ -1,76 +1,19 @@
-policy_module(permissivedomains,20)
+policy_module(permissivedomains,21)
optional_policy(`
gen_require(`
- type gssproxy_t;
- ')
-
- permissive gssproxy_t;
-')
-
-optional_policy(`
- gen_require(`
- type prosody_t;
- ')
-
- permissive prosody_t;
-')
-
-optional_policy(`
- gen_require(`
- type redis_t;
- ')
-
- permissive redis_t;
-')
-
-optional_policy(`
- gen_require(`
- type hypervkvp_t;
- ')
-
- permissive hypervkvp_t;
-')
-
-optional_policy(`
- gen_require(`
- type hypervvssd_t;
- ')
-
- permissive hypervvssd_t;
-')
-
-
-
-optional_policy(`
- gen_require(`
- type lsmd_t;
- ')
-
- permissive lsmd_t;
-')
-
-
-optional_policy(`
- gen_require(`
- type mip6d_t;
- ')
-')
-
-optional_policy(`
- gen_require(`
- type opensm_t;
+ type bumblebee_t;
')
')
optional_policy(`
gen_require(`
- type bumblebee_t;
- ')
+ type freqset_t;
+ ')
')
optional_policy(`
gen_require(`
- type freqset_t;
+ type docker_t;
')
')
More information about the scm-commits
mailing list