LinuxLists.cc - [refpolicy] [PATCH] rpcbind needs to read sysfs

2016-07-31 09:27:09

Subject: [refpolicy] [PATCH] rpcbind needs to read sysfs

Tiny patch for rpcbind to read sysfs.

diff -ruN /home/rjc/src/pol-git/policy/modules/contrib/rpcbind.te ./policy/modules/contrib/rpcbind.te
--- /home/rjc/src/pol-git/policy/modules/contrib/rpcbind.te 2016-07-30 08:14:41.145651133 +1000
+++ ./policy/modules/contrib/rpcbind.te 2016-07-31 19:26:02.416587318 +1000
@@ -39,6 +39,9 @@
manage_sock_files_pattern(rpcbind_t, rpcbind_var_lib_t, rpcbind_var_lib_t)
files_var_lib_filetrans(rpcbind_t, rpcbind_var_lib_t, { file dir sock_file })

+# for /sys/devices/system/cpu/online
+dev_read_sysfs(rpcbind_t)
+
kernel_read_system_state(rpcbind_t)
kernel_read_network_state(rpcbind_t)
kernel_request_load_module(rpcbind_t)

2016-07-31 14:24:30

by Jason Zaman

[permalink] [raw]

Subject: [refpolicy] [PATCH] rpcbind needs to read sysfs

On Sun, Jul 31, 2016 at 07:27:09PM +1000, Russell Coker wrote:
> Tiny patch for rpcbind to read sysfs.
>
>
> diff -ruN /home/rjc/src/pol-git/policy/modules/contrib/rpcbind.te ./policy/modules/contrib/rpcbind.te
> --- /home/rjc/src/pol-git/policy/modules/contrib/rpcbind.te 2016-07-30 08:14:41.145651133 +1000
> +++ ./policy/modules/contrib/rpcbind.te 2016-07-31 19:26:02.416587318 +1000
> @@ -39,6 +39,9 @@
> manage_sock_files_pattern(rpcbind_t, rpcbind_var_lib_t, rpcbind_var_lib_t)
> files_var_lib_filetrans(rpcbind_t, rpcbind_var_lib_t, { file dir sock_file })
>
> +# for /sys/devices/system/cpu/online
> +dev_read_sysfs(rpcbind_t)
We have this interface now instead: dev_read_cpu_online()
that file is labelled cpu_online_t now.
> +
> kernel_read_system_state(rpcbind_t)
> kernel_read_network_state(rpcbind_t)
> kernel_request_load_module(rpcbind_t)
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy

2016-08-02 23:29:23

by Chris PeBenito

[permalink] [raw]

Subject: [refpolicy] [PATCH] rpcbind needs to read sysfs

On 07/31/16 11:06, Russell Coker wrote:
> On Mon, 1 Aug 2016 12:24:30 AM Jason Zaman wrote:
>>> +# for /sys/devices/system/cpu/online
>>> +dev_read_sysfs(rpcbind_t)
>>
>> We have this interface now instead: dev_read_cpu_online()
>> that file is labelled cpu_online_t now.
>
> Thanks for that, I've attached an updated patch.

Merged.

--
Chris PeBenito

2016-07-31 15:06:48

by Russell Coker

[permalink] [raw]

Subject: [refpolicy] [PATCH] rpcbind needs to read sysfs

On Mon, 1 Aug 2016 12:24:30 AM Jason Zaman wrote:
> > +# for /sys/devices/system/cpu/online
> > +dev_read_sysfs(rpcbind_t)
>
> We have this interface now instead: dev_read_cpu_online()
> that file is labelled cpu_online_t now.

Thanks for that, I've attached an updated patch.

--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: diff
Type: text/x-patch
Size: 597 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20160801/63de19b5/attachment.bin