From: cpebenito@tresys.com (Christopher J. PeBenito) Date: Thu, 06 Jan 2011 08:03:51 -0500 Subject: [refpolicy] [PATCH 1/1] hostname daemon init hostname from dhcpcd, try 2 In-Reply-To: <4D24C7B3.1000004@giz-works.com> References: <1292884158-6603-1-git-send-email-gizmo@giz-works.com> <4D248F2E.2010304@tresys.com> <4D24C7B3.1000004@giz-works.com> Message-ID: <4D25BDB7.6050103@tresys.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 01/05/11 14:34, Chris Richards wrote: > On 01/05/2011 09:33 AM, Christopher J. PeBenito wrote: >> On 12/20/10 17:29, gizmo at giz-works.com wrote: >>> From: Chris Richards >>> >>> Allow the hostname daemon to configure the system hostname according >>> to information obtained from dhcpcd DHCP Client daemon. >> Are you sure these aren't from a leaked fd? >> > Not 100%, no. How would I tell? Did you try dontauditing it? If its leaked it would work without the access. >>> Signed-off-by: Chris Richards >>> --- >>> policy/modules/system/hostname.te | 2 ++ >>> 1 files changed, 2 insertions(+), 0 deletions(-) >>> >>> diff --git a/policy/modules/system/hostname.te b/policy/modules/system/hostname.te >>> index c310775..8509560 100644 >>> --- a/policy/modules/system/hostname.te >>> +++ b/policy/modules/system/hostname.te >>> @@ -49,6 +49,8 @@ init_use_script_ptys(hostname_t) >>> >>> logging_send_syslog_msg(hostname_t) >>> >>> +sysnet_rw_dhcpc_stream_sockets(hostname_t) >>> + >>> miscfiles_read_localization(hostname_t) >>> >>> sysnet_read_config(hostname_t) >> > > _______________________________________________ > refpolicy mailing list > refpolicy at oss.tresys.com > http://oss.tresys.com/mailman/listinfo/refpolicy -- Chris PeBenito Tresys Technology, LLC www.tresys.com | oss.tresys.com