[refpolicy] Updated ntp policy
Daniel J Walsh
dwalsh at redhat.com
Thu Sep 11 10:28:25 CDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Christopher J. PeBenito wrote:
> On Mon, 2008-08-25 at 11:52 -0400, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/Policy/services_ntp.patch
>>
>> Added support for ntpd_key_t for defining crypto information. Prevent
>> other domains from reading.
>>
>> ntp needs getcap
>> Uses shm for talking to certain time devices.
>>
>> Add gpsd support
>>
>> Talks to ptmx also for time devices
>
> One thing that is weird is this:
>
> +# Necessary to communicate with gpsd devices
> +fs_rw_tmpfs_files(ntpd_t)
>
> it sounds like there is a missing filetrans here.
>
We can try this, but I am not sure if the gpsd device created the file
for communication in the tmpfs first.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkjJORkACgkQrlYvE4MpobP3qACgl03CsnZszhrbw1btj3dpnmBj
wSEAoOZ7PgaxWA9r2j7FH6pDqMlKGTUK
=/dSp
-----END PGP SIGNATURE-----
More information about the refpolicy
mailing list