1 |
commit: 880e5bc49e6e08fb4f8e4732e6cdd5e1c05eba13 |
2 |
Author: Jason Zaman <jason <AT> perfinion <DOT> com> |
3 |
AuthorDate: Mon May 25 09:33:56 2015 +0000 |
4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed May 27 18:59:50 2015 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=880e5bc4 |
7 |
|
8 |
postgresql: use init_startstop_service in _admin interface |
9 |
|
10 |
The postgresql_admin interfaces had rules for RedHat sysvinit. This |
11 |
replaces them with the interface init_startstop_service which can |
12 |
easily be changed for other init systems. |
13 |
|
14 |
policy/modules/services/postgresql.if | 5 +---- |
15 |
1 file changed, 1 insertion(+), 4 deletions(-) |
16 |
|
17 |
diff --git a/policy/modules/services/postgresql.if b/policy/modules/services/postgresql.if |
18 |
index 85d430f..11526b6 100644 |
19 |
--- a/policy/modules/services/postgresql.if |
20 |
+++ b/policy/modules/services/postgresql.if |
21 |
@@ -595,10 +595,7 @@ interface(`postgresql_admin',` |
22 |
allow $1 postgresql_t:process { ptrace signal_perms }; |
23 |
ps_process_pattern($1, postgresql_t) |
24 |
|
25 |
- init_labeled_script_domtrans($1, postgresql_initrc_exec_t) |
26 |
- domain_system_change_exemption($1) |
27 |
- role_transition $2 postgresql_initrc_exec_t system_r; |
28 |
- allow $2 system_r; |
29 |
+ init_startstop_service($1, $2, postgresql_t, postgresql_initrc_exec_t) |
30 |
|
31 |
admin_pattern($1, postgresql_var_run_t) |