Add vhostmd fixes

author Miroslav Grepl <mgrepl@redhat.com>

Wed, 9 Nov 2011 09:22:59 +0000 (09:22 +0000)

committer Miroslav Grepl <mgrepl@redhat.com>

Wed, 9 Nov 2011 09:22:59 +0000 (09:22 +0000)
author Miroslav Grepl <mgrepl@redhat.com>
Wed, 9 Nov 2011 09:22:59 +0000 (09:22 +0000)
committer Miroslav Grepl <mgrepl@redhat.com>
Wed, 9 Nov 2011 09:22:59 +0000 (09:22 +0000)
diff --git a/policy/modules/services/vhostmd.te b/policy/modules/services/vhostmd.te

index 7baeb6ff18a1aaff8a3a53ff4066d07496ffe273..b771ec1b807fd0cdfc50b17c9a95aec1824814b6 100644 (file)
--- a/policy/modules/services/vhostmd.te
+++ b/policy/modules/services/vhostmd.te
@@ -24,7 +24,7 @@ files_pid_file(vhostmd_var_run_t)
  #
  
  allow vhostmd_t self:capability { dac_override ipc_lock        setuid setgid };
-allow vhostmd_t self:process { setsched getsched };
+allow vhostmd_t self:process { setsched getsched signal };
  allow vhostmd_t self:fifo_file rw_fifo_file_perms;
  
  manage_dirs_pattern(vhostmd_t, vhostmd_tmpfs_t, vhostmd_tmpfs_t)
@@ -44,13 +44,14 @@ corecmd_exec_shell(vhostmd_t)
  
  corenet_tcp_connect_soundd_port(vhostmd_t)
  
+dev_read_rand(vhostmd_t)
+dev_read_sysfs(vhostmd_t)
+
  # 579803
  files_list_tmp(vhostmd_t)
  files_read_etc_files(vhostmd_t)
  files_read_usr_files(vhostmd_t)
  
-dev_read_sysfs(vhostmd_t)
-
  auth_use_nsswitch(vhostmd_t)
  
  logging_send_syslog_msg(vhostmd_t)
author	Miroslav Grepl <mgrepl@redhat.com>
	Wed, 9 Nov 2011 09:22:59 +0000 (09:22 +0000)
committer	Miroslav Grepl <mgrepl@redhat.com>
	Wed, 9 Nov 2011 09:22:59 +0000 (09:22 +0000)