Bump module versions for release.

[people/stevee/selinux-policy.git] / policy / modules / admin / vpn.te

diff --git a/policy/modules/admin/vpn.te b/policy/modules/admin/vpn.te
index 08d917d9dde8170af2e1cf428c2e1b2eb29aeb88..c19d502f6139179e5fb1158c12336b8ff6ab871a 100644 (file)
--- a/policy/modules/admin/vpn.te
+++ b/policy/modules/admin/vpn.te
@@ -1,5 +1,5 @@
 
-policy_module(vpn, 1.11.1)
+policy_module(vpn, 1.13.0)
 
 ########################################
 #
@@ -31,7 +31,7 @@ allow vpnc_t self:udp_socket create_socket_perms;
 allow vpnc_t self:rawip_socket create_socket_perms;
 allow vpnc_t self:unix_dgram_socket create_socket_perms;
 allow vpnc_t self:unix_stream_socket create_socket_perms;
-allow vpnc_t self:tun_socket create;
+allow vpnc_t self:tun_socket create_socket_perms;
 # cjp: this needs to be fixed
 allow vpnc_t self:socket create_socket_perms;
 
@@ -46,6 +46,7 @@ files_pid_filetrans(vpnc_t, vpnc_var_run_t, { file dir})
 kernel_read_system_state(vpnc_t)
 kernel_read_network_state(vpnc_t)
 kernel_read_all_sysctls(vpnc_t)
+kernel_request_load_module(vpnc_t)
 kernel_rw_net_sysctls(vpnc_t)
 
 corenet_all_recvfrom_unlabeled(vpnc_t)
@@ -77,8 +78,8 @@ domain_use_interactive_fds(vpnc_t)
 fs_getattr_xattr_fs(vpnc_t)
 fs_getattr_tmpfs(vpnc_t)
 
-term_use_all_user_ptys(vpnc_t)
-term_use_all_user_ttys(vpnc_t)
+term_use_all_ptys(vpnc_t)
+term_use_all_ttys(vpnc_t)
 
 corecmd_exec_all_executables(vpnc_t)
 
@@ -115,3 +116,7 @@ optional_policy(`
                networkmanager_dbus_chat(vpnc_t)
        ')
 ')
+
+optional_policy(`
+       networkmanager_attach_tun_iface(vpnc_t)
+')