diff options
author | Chris PeBenito <pebenito@ieee.org> | 2017-03-28 18:50:35 -0400 |
---|---|---|
committer | Jason Zaman <jason@perfinion.com> | 2017-03-30 22:00:10 +0800 |
commit | 66330450e5ece7ebc512aae878d224b772efd252 (patch) | |
tree | b987a09fdcdd6214d11616b88007cd783a856815 | |
parent | Module version bump for monit patch from cgzones. (diff) | |
download | hardened-refpolicy-66330450.tar.gz hardened-refpolicy-66330450.tar.bz2 hardened-refpolicy-66330450.zip |
systemd-resolvd, sessions, and tmpfiles take2
I believe that I have addressed all the issues Chris raised, so here's a newer
version of the patch which applies to today's git version.
Description: systemd-resolved, sessions, and tmpfiles patches
Author: Russell Coker <russell@coker.com.au>
Last-Update: 2017-03-26
-rw-r--r-- | policy/modules/contrib/xfs.if | 19 | ||||
-rw-r--r-- | policy/modules/contrib/xfs.te | 2 |
2 files changed, 20 insertions, 1 deletions
diff --git a/policy/modules/contrib/xfs.if b/policy/modules/contrib/xfs.if index 199340601..1aafbbc1a 100644 --- a/policy/modules/contrib/xfs.if +++ b/policy/modules/contrib/xfs.if @@ -60,6 +60,25 @@ interface(`xfs_exec',` ######################################## ## <summary> +## Create xfs temporary dirs +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`xfs_create_tmp_dirs',` + gen_require(` + type xfs_tmp_t; + ') + + files_search_tmp($1) + allow $1 xfs_tmp_t:dir create; +') + +######################################## +## <summary> ## All of the rules required to ## administrate an xfs environment. ## </summary> diff --git a/policy/modules/contrib/xfs.te b/policy/modules/contrib/xfs.te index 3fc2a1bf4..839f15cf7 100644 --- a/policy/modules/contrib/xfs.te +++ b/policy/modules/contrib/xfs.te @@ -1,4 +1,4 @@ -policy_module(xfs, 1.9.0) +policy_module(xfs, 1.9.1) ######################################## # |