Changeset 117
- Timestamp:
- Jan 26, 2007, 2:33:54 PM (18 years ago)
- Location:
- selinux
- Files:
-
- 3 edited
- 3 moved
Legend:
- Unmodified
- Added
- Removed
-
selinux/Makefile
r100 r117 9 9 10 10 install: 11 /usr/sbin/semodule -i admof.pp; 12 /usr/sbin/semodule -i nagios-nrpe.pp; 13 /usr/sbin/semodule -i openafs.pp; 14 /usr/sbin/semodule -i scripts.pp; 15 /usr/sbin/semodule -i signup.pp; 16 /usr/sbin/semodule -i zephyr.pp; 11 /usr/sbin/semodule -n -i openafs.pp; 12 /usr/sbin/semodule -n -i scripts.pp; 13 /usr/sbin/semodule -n -i signup.pp; 14 /usr/sbin/semodule -n -i admof.pp; 15 /usr/sbin/semodule -n -i nagios-nrpe.pp; 16 /usr/sbin/semodule -n -i zephyr.pp; 17 /usr/sbin/semodule -R 17 18 /usr/sbin/getenforce -
selinux/build/openafs.if
r99 r117 38 38 fs_manage_nfs_named_sockets($1) 39 39 allow $1 nfs_t:file entrypoint; 40 allow $1 nfs_t:{file dir} rx_file_perms; 40 41 ') -
selinux/build/scripts.te
r112 r117 8 8 9 9 require { 10 attribute domain, userdomain, unpriv_userdomain; 10 11 type user_t; 11 12 }; 12 13 14 type user_setuid_t, domain, userdomain, unpriv_userdomain; 15 role user_r types user_setuid_t; 16 domain_interactive_fd(user_setuid_t) 17 files_read_etc_files(user_setuid_t) 18 libs_use_ld_so(user_setuid_t) 19 libs_use_shared_libs(user_setuid_t) 20 miscfiles_read_localization(user_setuid_t) 21 corecmd_exec_all_executables(user_setuid_t) 22 term_use_all_user_ptys(user_setuid_t) 23 24 allow user_setuid_t bin_t:file entrypoint; 25 allow user_setuid_t sbin_t:file entrypoint; 26 27 # allow user_setuid_t domain to call setuid and setgid 28 allow user_setuid_t self:capability { setuid setgid }; 29 30 # transition back to the user domain when executing "user" binaries 31 domain_auto_trans(user_setuid_t, nfs_t, user_t) 32 33 # allow user_setuid_t domain to signal its caller 34 allow user_setuid_t user_t:process sigchld; 35 13 36 afs_access(user_t); 37 afs_access(user_setuid_t); 14 38 zephyr_access(user_t); 15 39
Note: See TracChangeset
for help on using the changeset viewer.