From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Wed, 11 Mar 2009 11:22:40 -0400
Subject: [refpolicy] Add Open to sock_file patch
In-Reply-To: <49B0376E.10306@redhat.com>
References: <49B0376E.10306@redhat.com>
Message-ID: <1236784963.17032.257.camel@gorn>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Thu, 2009-03-05 at 15:34 -0500, Daniel J Walsh wrote:
> --- nsaserefpolicy/policy/flask/access_vectors  2009-03-05 10:02:34.000000000 -0500
> +++ serefpolicy-3.6.8/policy/flask/access_vectors       2009-03-05 15:26:58.000000000 -0500
> @@ -157,6 +157,9 @@
>  
>  class sock_file
>  inherits file
> +{
> +       open
> +}
>  
>  class fifo_file
>  inherits file
> --- nsaserefpolicy/policy/support/obj_perm_sets.spt     2008-10-16 17:21:16.000000000 -0400
> +++ serefpolicy-3.6.8/policy/support/obj_perm_sets.spt  2009-03-05 15:27:08.000000000 -0500
> @@ -252,13 +252,13 @@
>  #
>  define(`getattr_sock_file_perms',`{ getattr }')
>  define(`setattr_sock_file_perms',`{ setattr }')
> -define(`read_sock_file_perms',`{ getattr read }')
> -define(`write_sock_file_perms',`{ getattr write append }')
> -define(`rw_sock_file_perms',`{ getattr read write append }')
> -define(`create_sock_file_perms',`{ getattr create }')
> +define(`read_sock_file_perms',`{ getattr open read }')
> +define(`write_sock_file_perms',`{ getattr write open append }')
> +define(`rw_sock_file_perms',`{ getattr open read write append }')
> +define(`create_sock_file_perms',`{ getattr create open }')
>  define(`rename_sock_file_perms',`{ getattr rename }')
>  define(`delete_sock_file_perms',`{ getattr unlink }')
> -define(`manage_sock_file_perms',`{ create getattr setattr read write rename link unlink ioctl lock append }')
> +define(`manage_sock_file_perms',`{ create open getattr setattr read write rename link unlink ioctl lock append }')
>  define(`relabelfrom_sock_file_perms',`{ getattr relabelfrom }')
>  define(`relabelto_sock_file_perms',`{ getattr relabelto }')
>  define(`relabel_sock_file_perms',`{ getattr relabelfrom relabelto }')

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150