[refpolicy] services_avahi.patch and services_dbus.patch
Daniel J Walsh
dwalsh at redhat.com
Thu Nov 20 09:22:15 CST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_avahi.patch
Added avahi_signull and avahi_initrc_domtrans both used by networkmanager
Also allow avahi to search var_lib and avahi is now started by dbus.
http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_dbus.patch
dbus needs to be ranged.
Fix system_dbusd_var_lib_t definition.
dbus needs getcap and setpgid
dbus can exec itself.
Lists inotify
dbus can be used to start initrc scripts and random binaries so needs to
transition to initrc_t. Probably should be blocked on mls machines.
Starts networkmanager, add dbus unconfiend
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkklgKcACgkQrlYvE4MpobNhwwCg1UlOZrS42vEEvkl0DSPRW4R4
S/MAoKDXPrQe+fZJkMgx3JaQhPJSrjRK
=DK63
-----END PGP SIGNATURE-----
More information about the refpolicy
mailing list