type rpm_log_t;
')
- logging_search_logs($1)
- append_files_pattern($1, rpm_log_t, rpm_log_t)
+ allow $1 rpm_log_t:file append_inherited_file_perms;
')
########################################
type rpm_tmp_t;
')
- files_search_tmp($1)
- append_files_pattern($1, rpm_tmp_t, rpm_tmp_t)
+ allow $1 rpm_tmp_t:file append_inherited_file_perms;
')
########################################
type sosreport_tmp_t;
')
- append_files_pattern($1, sosreport_tmp_t, sosreport_tmp_t)
+ allow $1 sosreport_tmp_t:file append_inherited_file_perms;
')
########################################
optional_policy(`
telepathy_mission_control_read_state($1_gkeyringd_t)
+ telepathy_dbus_chat($1_gkeyringd_t)
')
')
')
dbus_session_domain($3, telepathy_stream_engine_exec_t, telepathy_stream_engine_t)
dbus_session_domain($3, telepathy_msn_exec_t, telepathy_msn_t)
- optional_policy(`
- telepathy_dbus_chat($2)
- ')
+ telepathy_dbus_chat($2)
')
########################################
corenet_tcp_bind_jboss_management_port(httpd_t)
corenet_sendrecv_http_server_packets(httpd_t)
# Signal self for shutdown
-corenet_tcp_connect_http_port(httpd_t)
+#corenet_tcp_connect_http_port(httpd_t)
dev_read_sysfs(httpd_t)
dev_read_rand(httpd_t)
typealias virsh_t alias xm_t;
typealias virsh_exec_t alias xm_exec_t;
-allow virsh_t self:capability { setpcap dac_override ipc_lock sys_tty_config };
+allow virsh_t self:capability { setpcap setsched dac_override ipc_lock sys_tty_config };
allow virsh_t self:process { getcap getsched setcap signal };
allow virsh_t self:fifo_file rw_fifo_file_perms;
allow virsh_t self:unix_stream_socket { create_stream_socket_perms connectto };