From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Tue, 25 Oct 2011 09:51:16 -0400
Subject: [refpolicy] [PATCH v2 0/2] Asterisk administration update
In-Reply-To: <20111003192247.GA6987@siphos.be>
References: <20111003192247.GA6987@siphos.be>
Message-ID: <4EA6BED4.6020102@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 10/03/11 15:22, Sven Vermeulen wrote:
> Two small patches, deprecating the previous attempt to get "asterisk -r"
> working on a system. As per the feedback received from Dominick Grift, this
> patch (1.) marks the "asterisk" binary as an application_exec_type so it can be
> executed by user domains, and (2.) assigns the asterisk_stream_connect
> privilege to the sysadm_t domain.
> 
> The latter part is not mandatory - I'm not sure if it is needed to give
> sysadm this privilege (if the purpose of the policy is to support services
> as-is, then yes, but if you want to keep it minimalistic, then no). If not,
> just ignore this second patch-part then ;-)

This set is merged.

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com