[refpolicy] [ patch 16/44] netutils: nmap is optional.
Dominick Grift
domg472 at gmail.com
Mon Oct 4 13:23:28 CDT 2010
Signed-off-by: Dominick Grift <domg472 at gmail.com>
---
:100644 100644 de06947... a4323c6... M policy/modules/admin/netutils.te
policy/modules/admin/netutils.te | 10 ++++++----
1 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/policy/modules/admin/netutils.te b/policy/modules/admin/netutils.te
index de06947..a4323c6 100644
--- a/policy/modules/admin/netutils.te
+++ b/policy/modules/admin/netutils.te
@@ -206,7 +206,9 @@ miscfiles_read_localization(traceroute_t)
userdom_use_user_terminals(traceroute_t)
-#rules needed for nmap
-dev_read_rand(traceroute_t)
-dev_read_urand(traceroute_t)
-files_read_usr_files(traceroute_t)
+optional_policy(`
+ #rules needed for nmap
+ dev_read_rand(traceroute_t)
+ dev_read_urand(traceroute_t)
+ files_read_usr_files(traceroute_t)
+')
--
1.7.2.3
More information about the refpolicy
mailing list