LinuxLists.cc - [refpolicy] admin

2008-09-25 18:47:58

Subject: [refpolicy] admin_vpn.patch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F10/admin_vpn.patch

vpn needs to sysnet_run_ifconfig rather then just domtrans to is, so
other roles can run it.

needs net_admin capability, rewrite routing table

Needs full rw_fifo_file_perms.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkjb3N4ACgkQrlYvE4MpobOv1ACghE2TTCu6BO4eqKfnRzz8J28y
1JQAnRc0qQC40SYZuDQwCA/7nzrGD4Jn
=Gb+k
-----END PGP SIGNATURE-----

2008-10-06 17:31:12

by cpebenito

[permalink] [raw]

Subject: [refpolicy] admin_vpn.patch

On Thu, 2008-09-25 at 14:47 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F10/admin_vpn.patch
>
> vpn needs to sysnet_run_ifconfig rather then just domtrans to is, so
> other roles can run it.
>
> needs net_admin capability, rewrite routing table
>
> Needs full rw_fifo_file_perms.

Merged.

--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150