From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Tue, 3 Dec 2013 13:30:13 -0500
Subject: [refpolicy] [PATCH 08/39] These { read write } tty_device_t chr
 files on boot up in Debian
In-Reply-To: <1383990320-3340-8-git-send-email-dominick.grift@gmail.com>
References: <1383990320-3340-1-git-send-email-dominick.grift@gmail.com>
	<1383990320-3340-8-git-send-email-dominick.grift@gmail.com>
Message-ID: <529E2335.4060001@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 11/09/13 04:44, Dominick Grift wrote:
> Signed-off-by: Dominick Grift <dominick.grift@gmail.com>

Merged, with a whitespace fix.

> ---
>  policy/modules/system/fstools.te    | 5 +++++
>  policy/modules/system/hostname.te   | 4 ++++
>  policy/modules/system/sysnetwork.te | 4 ++++
>  3 files changed, 13 insertions(+)
> 
> diff --git a/policy/modules/system/fstools.te b/policy/modules/system/fstools.te
> index 3f48d30..b40e06f 100644
> --- a/policy/modules/system/fstools.te
> +++ b/policy/modules/system/fstools.te
> @@ -149,6 +149,11 @@ seutil_read_config(fsadm_t)
>  
>  userdom_use_user_terminals(fsadm_t)
>  
> +ifdef(`distro_debian',`
> +	term_dontaudit_use_unallocated_ttys(fsadm_t)
> +')
> +
> +
>  ifdef(`distro_redhat',`
>  	optional_policy(`
>  		unconfined_domain(fsadm_t)
> diff --git a/policy/modules/system/hostname.te b/policy/modules/system/hostname.te
> index 24a7889..d5d4a1c 100644
> --- a/policy/modules/system/hostname.te
> +++ b/policy/modules/system/hostname.te
> @@ -56,6 +56,10 @@ sysnet_dontaudit_rw_dhcpc_unix_stream_sockets(hostname_t)
>  sysnet_read_config(hostname_t)
>  sysnet_dns_name_resolve(hostname_t)
>  
> +ifdef(`distro_debian',`
> +	term_dontaudit_use_unallocated_ttys(hostname_t)
> +')
> +
>  optional_policy(`
>  	nis_use_ypbind(hostname_t)
>  ')
> diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te
> index a392fc4..999e142 100644
> --- a/policy/modules/system/sysnetwork.te
> +++ b/policy/modules/system/sysnetwork.te
> @@ -319,6 +319,10 @@ sysnet_dontaudit_rw_dhcpc_udp_sockets(ifconfig_t)
>  userdom_use_user_terminals(ifconfig_t)
>  userdom_use_all_users_fds(ifconfig_t)
>  
> +ifdef(`distro_debian',`
> +	term_dontaudit_use_unallocated_ttys(ifconfig_t)
> +')
> +
>  ifdef(`distro_ubuntu',`
>  	optional_policy(`
>  		unconfined_domain(ifconfig_t)
> 


-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com