[prev in list] [next in list] [prev in thread] [next in thread]
List: selinux
Subject: [patch] sereference: add requires to ppp policy
From: "Serge E. Hallyn" <serue () us ! ibm ! com>
Date: 2005-12-22 14:17:30
Message-ID: 20051222230743.GB11462 () sergelap ! austin ! ibm ! com
[Download RAW message or body]
The following allows ppp to compile as a module on my system, where I
also have postfix as a module.
This block also raises the question - is there intended to be a
difference between an ifdef block and a optional_policy block? It seems
to me the intent is probably to use ifdef for actual defines (like
targeted_policy), and all checks for 'module.te' should be done using
optional_policy. Is that the case?
(If so, then the below patch should also change the ifdef)
thanks,
-serge
Index: refpolicy/policy/modules/services/ppp.te
===================================================================
--- refpolicy.orig/policy/modules/services/ppp.te 2005-12-22 16:11:45.000000000 -0600
+++ refpolicy/policy/modules/services/ppp.te 2005-12-22 16:13:09.000000000 -0600
@@ -319,6 +319,7 @@ optional_policy(`udev',`
')
ifdef(`postfix.te', `
+ require { type postfix_etc_t; type postfix_master_exec_t; }
allow pppd_t postfix_etc_t:dir search;
allow pppd_t postfix_etc_t:file r_file_perms;
allow pppd_t postfix_master_exec_t:file { getattr read };
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic