-policy_module(brctl,1.0.1)
+policy_module(brctl,1.0.2)
########################################
#
kernel_read_sysctl(brctl_t)
dev_rw_sysfs(brctl_t)
+dev_write_sysfs_dirs(brctl_t)
# Init script handling
domain_use_interactive_fds(brctl_t)
-policy_module(logwatch,1.6.0)
+policy_module(logwatch,1.6.1)
#################################
#
corecmd_exec_shell(logwatch_t)
dev_read_urand(logwatch_t)
-dev_search_sysfs(logwatch_t)
+dev_read_sysfs(logwatch_t)
# Read /proc/PID directories for all domains.
domain_read_all_domains_state(logwatch_t)
')
')
+########################################
+## <summary>
+## Dontaudit attempts to use useradd fds
+## </summary>
+## <param name="domain">
+## <summary>
+## The type of the process performing this action.
+## </summary>
+## </param>
+#
+interface(`usermanage_dontaudit_use_useradd_fds',`
+ gen_require(`
+ type useradd_t;
+ ')
+
+ dontaudit $1 useradd_t:fd use;
+')
+
########################################
## <summary>
## Execute useradd in the useradd domain.
-policy_module(usermanage,1.8.1)
+policy_module(usermanage,1.8.2)
########################################
#
mta_manage_spool(useradd_t)
+optional_policy(`
+ apache_manage_all_user_content(useradd_t)
+')
+
optional_policy(`
dpkg_use_fds(useradd_t)
dpkg_rw_pipes(useradd_t)
projects / people / stevee / selinux-policy.git / commitdiff
