From: Miroslav Grepl Date: Mon, 18 Jul 2011 06:24:38 +0000 (+0000) Subject: Interface fixes X-Git-Tag: 000~694 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6055344bc6b72922019a5390d2389b74d95c535e;p=people%2Fstevee%2Fselinux-policy.git Interface fixes --- diff --git a/policy/modules/admin/shorewall.if b/policy/modules/admin/shorewall.if index 7ed03a3a..082f0c56 100644 --- a/policy/modules/admin/shorewall.if +++ b/policy/modules/admin/shorewall.if @@ -55,44 +55,6 @@ interface(`shorewall_read_config',` read_files_pattern($1, shorewall_etc_t, shorewall_etc_t) ') -####################################### -## -## Read shorewall PID files. -## -## -## -## Domain allowed access. -## -## -# -interface(`shorewall_read_pid_files',` - gen_require(` - type shorewall_var_run_t; - ') - - files_search_pids($1) - read_files_pattern($1, shorewall_var_run_t, shorewall_var_run_t) -') - -####################################### -## -## Read and write shorewall PID files. -## -## -## -## Domain allowed access. -## -## -# -interface(`shorewall_rw_pid_files',` - gen_require(` - type shorewall_var_run_t; - ') - - files_search_pids($1) - rw_files_pattern($1, shorewall_var_run_t, shorewall_var_run_t) -') - ###################################### ## ## Read shorewall /var/lib files. @@ -105,7 +67,7 @@ interface(`shorewall_rw_pid_files',` # interface(`shorewall_read_lib_files',` gen_require(` - type shorewall_t; + type shorewall_var_lib_t; ') files_search_var_lib($1) diff --git a/policy/modules/services/clamav.if b/policy/modules/services/clamav.if index 101824bd..9eb2461e 100644 --- a/policy/modules/services/clamav.if +++ b/policy/modules/services/clamav.if @@ -50,12 +50,12 @@ interface(`clamav_stream_connect',` # interface(`clamav_append_log',` gen_require(` - type clamav_var_log_t; + type clamd_var_log_t; ') logging_search_logs($1) - allow $1 clamav_var_log_t:dir list_dir_perms; - append_files_pattern($1, clamav_var_log_t, clamav_var_log_t) + allow $1 clamd_var_log_t:dir list_dir_perms; + append_files_pattern($1, clamd_var_log_t, clamd_var_log_t) ') ######################################## diff --git a/policy/modules/services/cups.if b/policy/modules/services/cups.if index 777091a3..173cd162 100644 --- a/policy/modules/services/cups.if +++ b/policy/modules/services/cups.if @@ -9,6 +9,11 @@ ## Domain allowed access. ## ## +## +## +## Domain allowed access. +## +## # interface(`cups_backend',` gen_require(` diff --git a/policy/modules/services/ftp.if b/policy/modules/services/ftp.if index 21a7a733..748cac55 100644 --- a/policy/modules/services/ftp.if +++ b/policy/modules/services/ftp.if @@ -32,10 +32,10 @@ interface(`ftp_domtrans',` # interface(`ftp_initrc_domtrans',` gen_require(` - type ftp_initrc_exec_t; + type ftpd_initrc_exec_t; ') - init_labeled_script_domtrans($1, ftp_initrc_exec_t) + init_labeled_script_domtrans($1, ftpd_initrc_exec_t) ') ####################################### diff --git a/policy/modules/services/matahari.if b/policy/modules/services/matahari.if index 9343f3fd..0432f2ee 100644 --- a/policy/modules/services/matahari.if +++ b/policy/modules/services/matahari.if @@ -216,7 +216,7 @@ interface(`matahari_serviced_domtrans',` # interface(`matahari_admin',` gen_require(` - type matahari_inirc_exec_t; + type matahari_initrc_exec_t; type matahari_hostd_t; type matahari_netd_t; type matahari_serviced_t; diff --git a/policy/modules/services/ricci.if b/policy/modules/services/ricci.if index 3128dd8d..679d185c 100644 --- a/policy/modules/services/ricci.if +++ b/policy/modules/services/ricci.if @@ -123,11 +123,11 @@ interface(`ricci_stream_connect_modclusterd',` # interface(`ricci_rw_modclusterd_tmpfs_files',` gen_require(` - type ricci_modcluserd_tmpfs_t; + type ricci_modclusterd_tmpfs_t; ') fs_search_tmpfs($1) - allow $1 ricci_modcluserd_tmpfs_t:file rw_file_perms; + allow $1 ricci_modclusterd_tmpfs_t:file rw_file_perms; ') ########################################