| 1 |
commit: 4f1ef29d168da11699a2dd5dcf9d7242bf5d1515 |
| 2 |
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com> |
| 3 |
AuthorDate: Fri Oct 23 18:35:45 2015 +0000 |
| 4 |
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Mon Oct 26 04:10:16 2015 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=4f1ef29d |
| 7 |
|
| 8 |
Add systemd socket activations. |
| 9 |
|
| 10 |
policy/modules/contrib/avahi.te | 1 + |
| 11 |
policy/modules/contrib/cups.te | 1 + |
| 12 |
policy/modules/contrib/dbus.te | 1 + |
| 13 |
policy/modules/contrib/iscsi.te | 1 + |
| 14 |
policy/modules/contrib/rpcbind.te | 1 + |
| 15 |
5 files changed, 5 insertions(+) |
| 16 |
|
| 17 |
diff --git a/policy/modules/contrib/avahi.te b/policy/modules/contrib/avahi.te |
| 18 |
index 46d5aba..161763f 100644 |
| 19 |
--- a/policy/modules/contrib/avahi.te |
| 20 |
+++ b/policy/modules/contrib/avahi.te |
| 21 |
@@ -8,6 +8,7 @@ policy_module(avahi, 1.15.1) |
| 22 |
type avahi_t; |
| 23 |
type avahi_exec_t; |
| 24 |
init_daemon_domain(avahi_t, avahi_exec_t) |
| 25 |
+init_named_socket_activation(avahi_t, avahi_var_run_t) |
| 26 |
|
| 27 |
type avahi_initrc_exec_t; |
| 28 |
init_script_file(avahi_initrc_exec_t) |
| 29 |
|
| 30 |
diff --git a/policy/modules/contrib/cups.te b/policy/modules/contrib/cups.te |
| 31 |
index 662b991..261dc06 100644 |
| 32 |
--- a/policy/modules/contrib/cups.te |
| 33 |
+++ b/policy/modules/contrib/cups.te |
| 34 |
@@ -15,6 +15,7 @@ files_pid_file(cupsd_config_var_run_t) |
| 35 |
type cupsd_t; |
| 36 |
type cupsd_exec_t; |
| 37 |
init_daemon_domain(cupsd_t, cupsd_exec_t) |
| 38 |
+init_named_socket_activation(cupsd_t, cupsd_var_run_t) |
| 39 |
mls_trusted_object(cupsd_t) |
| 40 |
|
| 41 |
type cupsd_etc_t; |
| 42 |
|
| 43 |
diff --git a/policy/modules/contrib/dbus.te b/policy/modules/contrib/dbus.te |
| 44 |
index e79a81a..e32b70a 100644 |
| 45 |
--- a/policy/modules/contrib/dbus.te |
| 46 |
+++ b/policy/modules/contrib/dbus.te |
| 47 |
@@ -35,6 +35,7 @@ userdom_user_tmp_file(session_dbusd_tmp_t) |
| 48 |
|
| 49 |
type system_dbusd_t; |
| 50 |
init_system_domain(system_dbusd_t, dbusd_exec_t) |
| 51 |
+init_named_socket_activation(system_dbusd_t, system_dbusd_var_run_t) |
| 52 |
|
| 53 |
type system_dbusd_tmp_t; |
| 54 |
files_tmp_file(system_dbusd_tmp_t) |
| 55 |
|
| 56 |
diff --git a/policy/modules/contrib/iscsi.te b/policy/modules/contrib/iscsi.te |
| 57 |
index 070f8e3..43f85f3 100644 |
| 58 |
--- a/policy/modules/contrib/iscsi.te |
| 59 |
+++ b/policy/modules/contrib/iscsi.te |
| 60 |
@@ -8,6 +8,7 @@ policy_module(iscsi, 1.9.1) |
| 61 |
type iscsid_t; |
| 62 |
type iscsid_exec_t; |
| 63 |
init_daemon_domain(iscsid_t, iscsid_exec_t) |
| 64 |
+init_abstract_socket_activation(iscsid_t) |
| 65 |
|
| 66 |
type iscsi_initrc_exec_t; |
| 67 |
init_script_file(iscsi_initrc_exec_t) |
| 68 |
|
| 69 |
diff --git a/policy/modules/contrib/rpcbind.te b/policy/modules/contrib/rpcbind.te |
| 70 |
index 9cdb548..fab6184 100644 |
| 71 |
--- a/policy/modules/contrib/rpcbind.te |
| 72 |
+++ b/policy/modules/contrib/rpcbind.te |
| 73 |
@@ -8,6 +8,7 @@ policy_module(rpcbind, 1.8.2) |
| 74 |
type rpcbind_t; |
| 75 |
type rpcbind_exec_t; |
| 76 |
init_daemon_domain(rpcbind_t, rpcbind_exec_t) |
| 77 |
+init_named_socket_activation(rpcbind_t, rpcbind_var_run_t) |
| 78 |
|
| 79 |
type rpcbind_initrc_exec_t; |
| 80 |
init_script_file(rpcbind_initrc_exec_t) |
Archives