1 |
commit: 4f1ef29d168da11699a2dd5dcf9d7242bf5d1515 |
2 |
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com> |
3 |
AuthorDate: Fri Oct 23 18:35:45 2015 +0000 |
4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Oct 26 04:10:16 2015 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=4f1ef29d |
7 |
|
8 |
Add systemd socket activations. |
9 |
|
10 |
policy/modules/contrib/avahi.te | 1 + |
11 |
policy/modules/contrib/cups.te | 1 + |
12 |
policy/modules/contrib/dbus.te | 1 + |
13 |
policy/modules/contrib/iscsi.te | 1 + |
14 |
policy/modules/contrib/rpcbind.te | 1 + |
15 |
5 files changed, 5 insertions(+) |
16 |
|
17 |
diff --git a/policy/modules/contrib/avahi.te b/policy/modules/contrib/avahi.te |
18 |
index 46d5aba..161763f 100644 |
19 |
--- a/policy/modules/contrib/avahi.te |
20 |
+++ b/policy/modules/contrib/avahi.te |
21 |
@@ -8,6 +8,7 @@ policy_module(avahi, 1.15.1) |
22 |
type avahi_t; |
23 |
type avahi_exec_t; |
24 |
init_daemon_domain(avahi_t, avahi_exec_t) |
25 |
+init_named_socket_activation(avahi_t, avahi_var_run_t) |
26 |
|
27 |
type avahi_initrc_exec_t; |
28 |
init_script_file(avahi_initrc_exec_t) |
29 |
|
30 |
diff --git a/policy/modules/contrib/cups.te b/policy/modules/contrib/cups.te |
31 |
index 662b991..261dc06 100644 |
32 |
--- a/policy/modules/contrib/cups.te |
33 |
+++ b/policy/modules/contrib/cups.te |
34 |
@@ -15,6 +15,7 @@ files_pid_file(cupsd_config_var_run_t) |
35 |
type cupsd_t; |
36 |
type cupsd_exec_t; |
37 |
init_daemon_domain(cupsd_t, cupsd_exec_t) |
38 |
+init_named_socket_activation(cupsd_t, cupsd_var_run_t) |
39 |
mls_trusted_object(cupsd_t) |
40 |
|
41 |
type cupsd_etc_t; |
42 |
|
43 |
diff --git a/policy/modules/contrib/dbus.te b/policy/modules/contrib/dbus.te |
44 |
index e79a81a..e32b70a 100644 |
45 |
--- a/policy/modules/contrib/dbus.te |
46 |
+++ b/policy/modules/contrib/dbus.te |
47 |
@@ -35,6 +35,7 @@ userdom_user_tmp_file(session_dbusd_tmp_t) |
48 |
|
49 |
type system_dbusd_t; |
50 |
init_system_domain(system_dbusd_t, dbusd_exec_t) |
51 |
+init_named_socket_activation(system_dbusd_t, system_dbusd_var_run_t) |
52 |
|
53 |
type system_dbusd_tmp_t; |
54 |
files_tmp_file(system_dbusd_tmp_t) |
55 |
|
56 |
diff --git a/policy/modules/contrib/iscsi.te b/policy/modules/contrib/iscsi.te |
57 |
index 070f8e3..43f85f3 100644 |
58 |
--- a/policy/modules/contrib/iscsi.te |
59 |
+++ b/policy/modules/contrib/iscsi.te |
60 |
@@ -8,6 +8,7 @@ policy_module(iscsi, 1.9.1) |
61 |
type iscsid_t; |
62 |
type iscsid_exec_t; |
63 |
init_daemon_domain(iscsid_t, iscsid_exec_t) |
64 |
+init_abstract_socket_activation(iscsid_t) |
65 |
|
66 |
type iscsi_initrc_exec_t; |
67 |
init_script_file(iscsi_initrc_exec_t) |
68 |
|
69 |
diff --git a/policy/modules/contrib/rpcbind.te b/policy/modules/contrib/rpcbind.te |
70 |
index 9cdb548..fab6184 100644 |
71 |
--- a/policy/modules/contrib/rpcbind.te |
72 |
+++ b/policy/modules/contrib/rpcbind.te |
73 |
@@ -8,6 +8,7 @@ policy_module(rpcbind, 1.8.2) |
74 |
type rpcbind_t; |
75 |
type rpcbind_exec_t; |
76 |
init_daemon_domain(rpcbind_t, rpcbind_exec_t) |
77 |
+init_named_socket_activation(rpcbind_t, rpcbind_var_run_t) |
78 |
|
79 |
type rpcbind_initrc_exec_t; |
80 |
init_script_file(rpcbind_initrc_exec_t) |