auth_use_nsswitch() can no be used with attribute

author Miroslav Grepl <mgrepl@redhat.com>

Wed, 16 Nov 2011 14:50:09 +0000 (15:50 +0100)

committer Miroslav Grepl <mgrepl@redhat.com>

Wed, 16 Nov 2011 15:10:00 +0000 (16:10 +0100)
author Miroslav Grepl <mgrepl@redhat.com>
Wed, 16 Nov 2011 14:50:09 +0000 (15:50 +0100)
committer Miroslav Grepl <mgrepl@redhat.com>
Wed, 16 Nov 2011 15:10:00 +0000 (16:10 +0100)
diff --git a/policy/modules/apps/mozilla.te b/policy/modules/apps/mozilla.te

index 3654ad3b3ff9e6c9d41eaef4de30d6b99921f6a8..add01a5fda6d8af5147f13f34eb5b8ae442c3a7f 100644 (file)
--- a/policy/modules/apps/mozilla.te
+++ b/policy/modules/apps/mozilla.te
@@ -351,6 +351,8 @@ corenet_tcp_connect_ipp_port(mozilla_plugin_t)
  corenet_tcp_connect_mmcc_port(mozilla_plugin_t)
  corenet_tcp_connect_speech_port(mozilla_plugin_t)
  corenet_tcp_connect_streaming_port(mozilla_plugin_t)
+corenet_tcp_connect_ftp_port(mozilla_plugin_t)
+corenet_tcp_connect_all_ephemeral_ports(mozilla_plugin_t)
  corenet_tcp_bind_generic_node(mozilla_plugin_t)
  corenet_udp_bind_generic_node(mozilla_plugin_t)
  
diff --git a/policy/modules/services/policykit.te b/policy/modules/services/policykit.te

index e3aa61b6054f3b1912f196df95f7a9a5cd643762..5d45ceb1cd408728aeb39a07d6adfba9a6c4e726 100644 (file)
--- a/policy/modules/services/policykit.te
+++ b/policy/modules/services/policykit.te
@@ -45,7 +45,7 @@ allow policykit_domain self:fifo_file rw_fifo_file_perms;
  
  dev_read_sysfs(policykit_domain)
  
-auth_use_nsswitch(policykit_domain)
+#auth_use_nsswitch(policykit_domain)
  
  logging_send_syslog_msg(policykit_domain)
  
@@ -89,6 +89,8 @@ files_dontaudit_search_all_mountpoints(policykit_t)
  
  fs_list_inotifyfs(policykit_t)
  
+auth_use_nsswitch(policykit_t)
+
  userdom_getattr_all_users(policykit_t)
  userdom_read_all_users_state(policykit_t)
  userdom_dontaudit_search_admin_dir(policykit_t)
@@ -159,6 +161,7 @@ fs_getattr_all_fs(polkit_auth_t)
  fs_search_tmpfs(polkit_auth_t)
  
  auth_rw_var_auth(policykit_auth_t)
+auth_use_nsswitch(policykit_auth_t)
  auth_domtrans_chk_passwd(policykit_auth_t)
  
  miscfiles_read_fonts(policykit_auth_t)
@@ -217,6 +220,7 @@ files_read_etc_files(policykit_grant_t)
  files_read_usr_files(policykit_grant_t)
  
  auth_domtrans_chk_passwd(policykit_grant_t)
+auth_use_nsswitch(policykit_grant_t)
  
  userdom_read_all_users_state(policykit_grant_t)
  
@@ -253,6 +257,8 @@ corecmd_search_bin(policykit_resolve_t)
  files_read_etc_files(policykit_resolve_t)
  files_read_usr_files(policykit_resolve_t)
  
+auth_use_nsswitch(policykit_resolve_t)
+
  mcs_ptrace_all(policykit_resolve_t)
  
  userdom_read_all_users_state(policykit_resolve_t)
author	Miroslav Grepl <mgrepl@redhat.com>
	Wed, 16 Nov 2011 14:50:09 +0000 (15:50 +0100)
committer	Miroslav Grepl <mgrepl@redhat.com>
	Wed, 16 Nov 2011 15:10:00 +0000 (16:10 +0100)
policy/modules/apps/mozilla.te		patch \| blob \| blame \| history
policy/modules/services/policykit.te		patch \| blob \| blame \| history