From: sven.vermeulen@siphos.be (Sven Vermeulen) Date: Mon, 3 Oct 2011 21:24:38 +0200 Subject: [refpolicy] [PATCH v2 2/2] Allow sysadm to interact with asterisk In-Reply-To: <20111003192247.GA6987@siphos.be> References: <20111003192247.GA6987@siphos.be> Message-ID: <20111003192438.GC6987@siphos.be> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com When administering asterisk, one often ran command is "asterisk -r" which yields the asterisk CLI (when the asterisk server is running). To be able to run this, you need asterisk_stream_connect privileges. Assign these privileges to the sysadm_r Signed-off-by: Sven Vermeulen --- policy/modules/roles/sysadm.te | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/policy/modules/roles/sysadm.te b/policy/modules/roles/sysadm.te index 954417f..7a5c40b 100644 --- a/policy/modules/roles/sysadm.te +++ b/policy/modules/roles/sysadm.te @@ -86,6 +86,10 @@ optional_policy(` ') optional_policy(` + asterisk_stream_connect(sysadm_t) +') + +optional_policy(` auditadm_role_change(sysadm_r) ') -- 1.7.3.4