From: dwalsh@redhat.com (Daniel J Walsh)
Date: Thu, 25 Sep 2008 14:47:58 -0400
Subject: [refpolicy] admin_vpn.patch
Message-ID: <48DBDCDE.4090806@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F10/admin_vpn.patch

vpn needs to sysnet_run_ifconfig rather then just domtrans to is, so
other roles can run it.

needs net_admin capability, rewrite routing table

Needs full rw_fifo_file_perms.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkjb3N4ACgkQrlYvE4MpobOv1ACghE2TTCu6BO4eqKfnRzz8J28y
1JQAnRc0qQC40SYZuDQwCA/7nzrGD4Jn
=Gb+k
-----END PGP SIGNATURE-----