From: nicolas.iooss@m4x.org (Nicolas Iooss) Date: Sat, 23 Aug 2014 13:35:50 +0200 Subject: [refpolicy] [PATCH 6/7] Add ioctl and lock to manage_lnk_file_perms In-Reply-To: <1408793751-11289-1-git-send-email-nicolas.iooss@m4x.org> References: <1408793751-11289-1-git-send-email-nicolas.iooss@m4x.org> Message-ID: <1408793751-11289-7-git-send-email-nicolas.iooss@m4x.org> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com manage_lnk_file_perms permission is expected to be larger than write_lnk_file_perms and therefore include ioctl and lock. --- policy/support/obj_perm_sets.spt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/policy/support/obj_perm_sets.spt b/policy/support/obj_perm_sets.spt index 5e8718a8be67..cefc35f7b547 100644 --- a/policy/support/obj_perm_sets.spt +++ b/policy/support/obj_perm_sets.spt @@ -178,7 +178,7 @@ define(`rw_lnk_file_perms',`{ getattr read write lock ioctl }') define(`create_lnk_file_perms',`{ create getattr }') define(`rename_lnk_file_perms',`{ getattr rename }') define(`delete_lnk_file_perms',`{ getattr unlink }') -define(`manage_lnk_file_perms',`{ create read write getattr setattr link unlink rename }') +define(`manage_lnk_file_perms',`{ create read write getattr setattr link unlink rename ioctl lock }') define(`relabelfrom_lnk_file_perms',`{ getattr relabelfrom }') define(`relabelto_lnk_file_perms',`{ getattr relabelto }') define(`relabel_lnk_file_perms',`{ getattr relabelfrom relabelto }') -- 2.0.4