From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Thu, 09 Oct 2008 10:05:22 -0400
Subject: [refpolicy] services_memcached.patch
In-Reply-To: <48ED5508.8070403@redhat.com>
References: <48DAA2C9.8000902@redhat.com>
	<1223496420.2165.119.camel@gorn.columbia.tresys.com>
	<48ED5508.8070403@redhat.com>
Message-ID: <1223561122.2165.132.camel@gorn.columbia.tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Wed, 2008-10-08 at 20:49 -0400, Daniel J Walsh wrote:
> Christopher J. PeBenito wrote:
> > On Wed, 2008-09-24 at 16:27 -0400, Daniel J Walsh wrote:
> >> http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_memcached.patch
> >>
> >> New policy for memcached
> > 
> > Merged except for the port binding part since that port is missing.
> > 
> Updated patch

Merged.

> plain text document attachment (services_memcached.patch)
> --- nsaserefpolicy/policy/modules/services/memcached.te	2008-10-08 19:00:27.000000000 -0400
> +++ serefpolicy-3.5.11/policy/modules/services/memcached.te	2008-10-08 20:36:17.000000000 -0400
> @@ -35,6 +35,8 @@
>  corenet_tcp_sendrecv_all_nodes(memcached_t)
>  corenet_tcp_sendrecv_all_ports(memcached_t)
>  corenet_tcp_bind_all_nodes(memcached_t)
> +corenet_tcp_bind_memcache_port(memcached_t)
> +corenet_udp_bind_memcache_port(memcached_t)
>  
>  manage_dirs_pattern(memcached_t, memcached_var_run_t,  memcached_var_run_t)
>  manage_files_pattern(memcached_t, memcached_var_run_t,  memcached_var_run_t)
> --- nsaserefpolicy/policy/modules/kernel/corenetwork.te.in	2008-09-24 09:07:27.000000000 -0400
> +++ serefpolicy-3.5.11/policy/modules/kernel/corenetwork.te.in	2008-10-08 20:45:30.000000000 -0400
> @@ -121,6 +121,7 @@
>  type lrrd_port_t, port_type; dnl network_port(lrrd_port_t) # no defined portcon
>  network_port(lmtp, tcp,24,s0, udp,24,s0)
>  network_port(mail, tcp,2000,s0)
> +network_port(memcache, tcp,11211,s0, udp,11211,s0)
>  network_port(mmcc, tcp,5050,s0, udp,5050,s0)
>  network_port(monopd, tcp,1234,s0)
>  network_port(msnp, tcp,1863,s0, udp,1863,s0)
-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150