rpms/selinux-policy-targeted/FC-4 policy-2006-03.patch,NONE,1.1
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Thu Mar 23 12:39:47 UTC 2006
- Previous message (by thread): rpms/cups/devel cups.spec,1.136,1.137
- Next message (by thread): rpms/vim/devel vim-7.0-crv.patch, NONE, 1.1 vim-7.0-fixkeys.patch, NONE, 1.1 vim-7.0-fstabsyntax.patch, NONE, 1.1 vim-7.0-rclocation.patch, NONE, 1.1 vim-7.0-syntax.patch, NONE, 1.1 .cvsignore, 1.11, 1.12 sources, 1.11, 1.12 vim.spec, 1.100, 1.101
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: rcoker
Update of /cvs/dist/rpms/selinux-policy-targeted/FC-4
In directory cvs.devel.redhat.com:/tmp/cvs-serv16389
Added Files:
policy-2006-03.patch
Log Message:
- Allowed amanda_t to access inetd_t TCP sockets and allowed amanda_recover_t
to bind to reserved ports. #149030
- Added boolean samba_share_nfs to allow smbd_t full access to NFS mounts.
#169947
policy-2006-03.patch:
amanda.te | 2 ++
samba.te | 6 ++++++
2 files changed, 8 insertions(+)
--- NEW FILE policy-2006-03.patch ---
diff -ru policy-1.27.1.last/domains/program/unused/amanda.te policy-1.27.1/domains/program/unused/amanda.te
--- policy-1.27.1.last/domains/program/unused/amanda.te 2006-03-23 20:39:22.000000000 +1100
+++ policy-1.27.1/domains/program/unused/amanda.te 2006-03-23 20:41:13.000000000 +1100
@@ -76,6 +76,7 @@
####################
domain_auto_trans(inetd_t, amanda_inetd_exec_t, amanda_t)
+allow amanda_t inetd_t:tcp_socket rw_socket_perms;
##################
@@ -211,6 +212,7 @@
#############################################
can_network(amanda_recover_t);
+allow amanda_recover_t reserved_port_t:tcp_socket name_bind;
allow amanda_recover_t amanda_port_t:tcp_socket name_connect;
can_ypbind(amanda_recover_t);
read_locale(amanda_recover_t);
diff -ru policy-1.27.1.last/domains/program/unused/samba.te policy-1.27.1/domains/program/unused/samba.te
--- policy-1.27.1.last/domains/program/unused/samba.te 2006-03-23 20:39:22.000000000 +1100
+++ policy-1.27.1/domains/program/unused/samba.te 2006-03-23 20:50:37.000000000 +1100
@@ -135,6 +135,12 @@
# Support Samba sharing of home directories
bool samba_enable_home_dirs false;
+# Support Samba sharing of NFS mount points
+bool samba_share_nfs false;
+if (samba_share_nfs) {
+create_dir_file(smbd_t, nfs_t)
+}
+
ifdef(`mount.te', `
#
# Domain for running smbmount
- Previous message (by thread): rpms/cups/devel cups.spec,1.136,1.137
- Next message (by thread): rpms/vim/devel vim-7.0-crv.patch, NONE, 1.1 vim-7.0-fixkeys.patch, NONE, 1.1 vim-7.0-fstabsyntax.patch, NONE, 1.1 vim-7.0-rclocation.patch, NONE, 1.1 vim-7.0-syntax.patch, NONE, 1.1 .cvsignore, 1.11, 1.12 sources, 1.11, 1.12 vim.spec, 1.100, 1.101
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list