From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Wed, 03 Sep 2008 10:11:16 -0400
Subject: [refpolicy] Debian: Bind: FC of conf files
In-Reply-To: <20080902130444.GA30953@bobek.pm.i.cz>
References: <20080902130444.GA30953@bobek.pm.i.cz>
Message-ID: <1220451076.28287.30.camel@gorn>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Tue, 2008-09-02 at 15:04 +0200, V?clav Ovs?k wrote:
> I noticed bad context of a part of ISC Bind configuration files on
> Debian. Default configuration uses multi-file named.conf. (named.conf
> includes named.conf.options & named.conf.local) All parts should
> probably have the same context (named_conf_t).
> 
> sid:/etc/bind# ls -Z
> system_u:object_r:named_zone_t:s0 db.0
> system_u:object_r:named_zone_t:s0 db.127
> system_u:object_r:named_zone_t:s0 db.255
> system_u:object_r:named_zone_t:s0 db.empty
> system_u:object_r:named_zone_t:s0 db.local
> system_u:object_r:named_zone_t:s0 db.root
> system_u:object_r:named_conf_t:s0 named.conf
> system_u:object_r:named_zone_t:s0 named.conf.local
> system_u:object_r:named_zone_t:s0 named.conf.options
>     system_u:object_r:dnssec_t:s0 rndc.key
> system_u:object_r:named_zone_t:s0 zones.rfc1918
> sid:/etc/bind# 

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150