| 1 |
commit: 9b8a447824f56c4c8cb7427b8d791287f4a4b03a |
| 2 |
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com> |
| 3 |
AuthorDate: Thu Apr 24 16:53:11 2014 +0000 |
| 4 |
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Sun Apr 27 15:28:35 2014 +0000 |
| 6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=9b8a4478 |
| 7 |
|
| 8 |
Move sock_file filetrans to fcron_crond conditional. |
| 9 |
|
| 10 |
Also drop the name in the filetrans. |
| 11 |
|
| 12 |
--- |
| 13 |
policy/modules/contrib/cron.te | 2 +- |
| 14 |
1 file changed, 1 insertion(+), 1 deletion(-) |
| 15 |
|
| 16 |
diff --git a/policy/modules/contrib/cron.te b/policy/modules/contrib/cron.te |
| 17 |
index da85d9b..8cf6dc8 100644 |
| 18 |
--- a/policy/modules/contrib/cron.te |
| 19 |
+++ b/policy/modules/contrib/cron.te |
| 20 |
@@ -234,7 +234,6 @@ logging_log_filetrans(crond_t, cron_log_t, file) |
| 21 |
|
| 22 |
manage_files_pattern(crond_t, crond_var_run_t, crond_var_run_t) |
| 23 |
files_pid_filetrans(crond_t, crond_var_run_t, file) |
| 24 |
-files_pid_filetrans(crond_t, crond_var_run_t, sock_file, "fcron.fifo") |
| 25 |
|
| 26 |
manage_files_pattern(crond_t, cron_spool_t, cron_spool_t) |
| 27 |
|
| 28 |
@@ -349,6 +348,7 @@ tunable_policy(`allow_polyinstantiation',` |
| 29 |
tunable_policy(`fcron_crond',` |
| 30 |
allow crond_t { system_cron_spool_t user_cron_spool_t }:file manage_file_perms; |
| 31 |
allow crond_t crond_var_run_t:sock_file manage_sock_file_perms; |
| 32 |
+ files_pid_filetrans(crond_t, crond_var_run_t, sock_file) |
| 33 |
') |
| 34 |
|
| 35 |
optional_policy(` |
Archives