From: dwalsh@redhat.com (Daniel J Walsh)
Date: Thu, 05 Mar 2009 11:49:23 -0500
Subject: [refpolicy] services_oddjob.patch
Message-ID: <49B00293.4020906@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_oddjob.patch

If you run oddjob you need user_exemption.

mkhomedir needs obj_id_ exception to create files with the correct label.

oddjob_t needs to run ranged.

mkhomedir needs capabilities to create files with the right ownership
and label.

Calls getpw, reads system state sends syslog_msg

Uses SELinux to create homedir with the correct labels.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkmwApMACgkQrlYvE4MpobPzfACgrVCVaWroLQNeyr3TelIdlsNI
PYAAoKy2CKbkLktp/SRUE+fiFCmU4HSb
=aUfg
-----END PGP SIGNATURE-----