| 1 |
commit: 18ddac2acc0a71975ba87e0683cc3846ed72bb9f |
| 2 |
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org> |
| 3 |
AuthorDate: Sat Sep 10 15:28:14 2016 +0000 |
| 4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Mon Oct 3 06:05:14 2016 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=18ddac2a |
| 7 |
|
| 8 |
cups: Move can_exec() line. |
| 9 |
|
| 10 |
policy/modules/contrib/cups.te | 6 +++--- |
| 11 |
1 file changed, 3 insertions(+), 3 deletions(-) |
| 12 |
|
| 13 |
diff --git a/policy/modules/contrib/cups.te b/policy/modules/contrib/cups.te |
| 14 |
index 1b0dffa..245926b 100644 |
| 15 |
--- a/policy/modules/contrib/cups.te |
| 16 |
+++ b/policy/modules/contrib/cups.te |
| 17 |
@@ -633,6 +633,9 @@ allow hplip_t hplip_etc_t:dir list_dir_perms; |
| 18 |
allow hplip_t hplip_etc_t:file read_file_perms; |
| 19 |
allow hplip_t hplip_etc_t:lnk_file read_lnk_file_perms; |
| 20 |
|
| 21 |
+# e.g. execute python script to load the firmware |
| 22 |
+can_exec(hplip_t, hplip_exec_t) |
| 23 |
+ |
| 24 |
manage_files_pattern(hplip_t, hplip_var_lib_t, hplip_var_lib_t) |
| 25 |
manage_lnk_files_pattern(hplip_t, hplip_var_lib_t, hplip_var_lib_t) |
| 26 |
|
| 27 |
@@ -647,9 +650,6 @@ stream_connect_pattern(hplip_t, cupsd_var_run_t, cupsd_var_run_t, cupsd_t) |
| 28 |
kernel_read_system_state(hplip_t) |
| 29 |
kernel_read_kernel_sysctls(hplip_t) |
| 30 |
|
| 31 |
-# e.g. execute python script to load the firmware |
| 32 |
-can_exec(hplip_t, hplip_exec_t) |
| 33 |
- |
| 34 |
corenet_all_recvfrom_unlabeled(hplip_t) |
| 35 |
corenet_all_recvfrom_netlabel(hplip_t) |
| 36 |
corenet_tcp_sendrecv_generic_if(hplip_t) |
Archives