'Re: [PATCH] fstools.te needs corecmd_exec_bin'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       selinux
Subject:    Re: [PATCH] fstools.te needs corecmd_exec_bin
From:       "Shintaro Fujiwara" <shintaro.fujiwara () gmail ! com>
Date:       2007-09-26 15:57:36
Message-ID: f71a82820709260857l6c81d6aen1f135662c3c3de2d () mail ! gmail ! com
[Download RAW message or body]

Thanks!!
I can bost of my people around here in Japan, i.e. Nakamura or Kaigai.

Cheers !

http://sourceforge.net./projects/segax/

2007/9/26, Christopher J. PeBenito <cpebenito@tresys.com>:
> On Tue, 2007-09-18 at 17:28 -0400, Shintaro Fujiwara wrote:
> > Will this OK?
>
> Yes, merged.
>
> > Index: policy/modules/system/fstools.fc
> > ===================================================================
> > --- policy/modules/system/fstools.fc    (revision 2423)
> > +++ policy/modules/system/fstools.fc    (working copy)
> > @@ -1,3 +1,4 @@
> > +/sbin/badblocks        --      gen_context(system_u:object_r:fsadm_exec_t,s0)
> >  /sbin/blkid            --      gen_context(system_u:object_r:fsadm_exec_t,s0)
> >  /sbin/blockdev         --      gen_context(system_u:object_r:fsadm_exec_t,s0)
> >  /sbin/cfdisk           --      gen_context(system_u:object_r:fsadm_exec_t,s0)
> >
> >
> > 2007/9/19, Christopher J. PeBenito <cpebenito@tresys.com>:
> > > On Wed, 2007-09-19 at 02:39 +0900, Shintaro Fujiwara wrote:
> > > > I have attached usb hdd on my strict machine and typed
> > > > mkfs -c /dev/sdb
> > > > and error saying cannot execute /sbin/badblocks.
> > > > I always use -c with mkfs command so I added
> > > > this line to fstools.te.
> > >
> > > I think instead badblocks should be labeled fsadm_exec_t.
> > >
> > > > Index: policy/modules/system/fstools.te
> > > >
> > ===================================================================
> > > > --- policy/modules/system/fstools.te    (revision 2422)
> > > > +++ policy/modules/system/fstools.te    (working copy)
> > > > @@ -119,6 +119,9 @@
> > > >  corecmd_read_bin_pipes(fsadm_t)
> > > >  corecmd_read_bin_sockets(fsadm_t)
> > > >
> > > > +# for mkfs -c
> > > > +corecmd_exec_bin(fsadm_t)
> > > > +
> > > >  domain_use_interactive_fds(fsadm_t)
> > > >
> > > >  files_list_home(fsadm_t)
> > > >
> > > > --
> > > > This message was distributed to subscribers of the selinux mailing
> > list.
> > > > If you no longer wish to subscribe, send mail to
> > majordomo@tycho.nsa.gov with
> > > > the words "unsubscribe selinux" without quotes as the message.
> > > --
> > > Chris PeBenito
> > > Tresys Technology, LLC
> > > (410) 290-1411 x150
> > >
> > >
> >
> >
> --
> Chris PeBenito
> Tresys Technology, LLC
> (410) 290-1411 x150
>
>

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic