[refpolicy] Updated ntp policy

Christopher J. PeBenito cpebenito at tresys.com
Thu Sep 11 09:53:44 CDT 2008


On Mon, 2008-08-25 at 11:52 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/Policy/services_ntp.patch
> 
> Added support for ntpd_key_t for defining crypto information.  Prevent
> other domains from reading.
> 
> ntp needs getcap
> Uses shm for talking to certain time devices.
> 
> Add gpsd support
> 
> Talks to ptmx also for time devices

One thing that is weird is this:

+# Necessary to communicate with gpsd devices
+fs_rw_tmpfs_files(ntpd_t)

it sounds like there is a missing filetrans here.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150



More information about the refpolicy mailing list