1 |
commit: 73cf057f886490de96018eef40a4b2362e0946f2 |
2 |
Author: Chris PeBenito <pebenito <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Feb 8 14:22:34 2014 +0000 |
4 |
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Feb 9 10:48:35 2014 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=73cf057f |
7 |
|
8 |
Move exec/transition lines in couchdb. |
9 |
|
10 |
--- |
11 |
policy/modules/contrib/couchdb.te | 8 ++++---- |
12 |
1 file changed, 4 insertions(+), 4 deletions(-) |
13 |
|
14 |
diff --git a/policy/modules/contrib/couchdb.te b/policy/modules/contrib/couchdb.te |
15 |
index 62f5db1..390c8cb 100644 |
16 |
--- a/policy/modules/contrib/couchdb.te |
17 |
+++ b/policy/modules/contrib/couchdb.te |
18 |
@@ -45,6 +45,10 @@ allow couchdb_t self:tcp_socket { accept listen }; |
19 |
allow couchdb_t couchdb_conf_t:dir list_dir_perms; |
20 |
allow couchdb_t couchdb_conf_t:file read_file_perms; |
21 |
|
22 |
+can_exec(couchdb_t, couchdb_exec_t) |
23 |
+ |
24 |
+domtrans_pattern(couchdb_t, couchdb_js_exec_t, couchdb_js_t) |
25 |
+ |
26 |
manage_dirs_pattern(couchdb_t, couchdb_log_t, couchdb_log_t) |
27 |
append_files_pattern(couchdb_t, couchdb_log_t, couchdb_log_t) |
28 |
create_files_pattern(couchdb_t, couchdb_log_t, couchdb_log_t) |
29 |
@@ -63,8 +67,6 @@ manage_dirs_pattern(couchdb_t, couchdb_var_run_t, couchdb_var_run_t) |
30 |
manage_files_pattern(couchdb_t, couchdb_var_run_t, couchdb_var_run_t) |
31 |
files_pid_filetrans(couchdb_t, couchdb_var_run_t, dir) |
32 |
|
33 |
-can_exec(couchdb_t, couchdb_exec_t) |
34 |
- |
35 |
kernel_read_system_state(couchdb_t) |
36 |
|
37 |
corecmd_exec_bin(couchdb_t) |
38 |
@@ -98,8 +100,6 @@ auth_use_nsswitch(couchdb_t) |
39 |
|
40 |
miscfiles_read_localization(couchdb_t) |
41 |
|
42 |
-domtrans_pattern(couchdb_t, couchdb_js_exec_t, couchdb_js_t) |
43 |
- |
44 |
######################################## |
45 |
# |
46 |
# couchdb_js policy |