1 |
commit: 9b8a447824f56c4c8cb7427b8d791287f4a4b03a |
2 |
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com> |
3 |
AuthorDate: Thu Apr 24 16:53:11 2014 +0000 |
4 |
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Apr 27 15:28:35 2014 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=9b8a4478 |
7 |
|
8 |
Move sock_file filetrans to fcron_crond conditional. |
9 |
|
10 |
Also drop the name in the filetrans. |
11 |
|
12 |
--- |
13 |
policy/modules/contrib/cron.te | 2 +- |
14 |
1 file changed, 1 insertion(+), 1 deletion(-) |
15 |
|
16 |
diff --git a/policy/modules/contrib/cron.te b/policy/modules/contrib/cron.te |
17 |
index da85d9b..8cf6dc8 100644 |
18 |
--- a/policy/modules/contrib/cron.te |
19 |
+++ b/policy/modules/contrib/cron.te |
20 |
@@ -234,7 +234,6 @@ logging_log_filetrans(crond_t, cron_log_t, file) |
21 |
|
22 |
manage_files_pattern(crond_t, crond_var_run_t, crond_var_run_t) |
23 |
files_pid_filetrans(crond_t, crond_var_run_t, file) |
24 |
-files_pid_filetrans(crond_t, crond_var_run_t, sock_file, "fcron.fifo") |
25 |
|
26 |
manage_files_pattern(crond_t, cron_spool_t, cron_spool_t) |
27 |
|
28 |
@@ -349,6 +348,7 @@ tunable_policy(`allow_polyinstantiation',` |
29 |
tunable_policy(`fcron_crond',` |
30 |
allow crond_t { system_cron_spool_t user_cron_spool_t }:file manage_file_perms; |
31 |
allow crond_t crond_var_run_t:sock_file manage_sock_file_perms; |
32 |
+ files_pid_filetrans(crond_t, crond_var_run_t, sock_file) |
33 |
') |
34 |
|
35 |
optional_policy(` |