1 |
commit: 9dafa9a3a637709131e17d7cab38d29afd45a796 |
2 |
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> |
3 |
AuthorDate: Wed Jun 25 19:58:15 2014 +0000 |
4 |
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Jun 25 19:58:15 2014 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=9dafa9a3 |
7 |
|
8 |
Add NetworkManager_t and dhcpc_t as resolvconf clients |
9 |
|
10 |
--- |
11 |
policy/modules/contrib/networkmanager.te | 11 +++++++++++ |
12 |
policy/modules/system/sysnetwork.te | 4 ++++ |
13 |
2 files changed, 15 insertions(+) |
14 |
|
15 |
diff --git a/policy/modules/contrib/networkmanager.te b/policy/modules/contrib/networkmanager.te |
16 |
index a4a45c0..f70479a 100644 |
17 |
--- a/policy/modules/contrib/networkmanager.te |
18 |
+++ b/policy/modules/contrib/networkmanager.te |
19 |
@@ -367,6 +367,17 @@ miscfiles_read_localization(wpa_cli_t) |
20 |
term_dontaudit_use_console(wpa_cli_t) |
21 |
|
22 |
ifdef(`distro_gentoo',` |
23 |
+ # |
24 |
+ # NetworkManager_t policy |
25 |
+ # |
26 |
+ |
27 |
+ optional_policy(` |
28 |
+ resolvconf_client_domain(NetworkManager_t) |
29 |
+ ') |
30 |
+ |
31 |
+ # |
32 |
+ # wpa_cli_t policy |
33 |
+ # |
34 |
manage_files_pattern(wpa_cli_t, wpa_cli_var_run_t, wpa_cli_var_run_t) |
35 |
files_pid_filetrans(wpa_cli_t, wpa_cli_var_run_t, file) |
36 |
|
37 |
|
38 |
diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te |
39 |
index 3f79de9..945ffb5 100644 |
40 |
--- a/policy/modules/system/sysnetwork.te |
41 |
+++ b/policy/modules/system/sysnetwork.te |
42 |
@@ -406,4 +406,8 @@ ifdef(`distro_gentoo',` |
43 |
# Fixes bug 468878 |
44 |
files_pid_filetrans(dhcpc_t, dhcpc_var_run_t, sock_file) |
45 |
allow dhcpc_t self:unix_stream_socket { create_stream_socket_perms connectto }; |
46 |
+ |
47 |
+ optional_policy(` |
48 |
+ resolvconf_client_domain(dhcpc_t) |
49 |
+ ') |
50 |
') |