From: dac.override@gmail.com (Dominick Grift)
Date: Sun, 14 Aug 2016 22:59:01 +0200
Subject: [refpolicy] [PATCH] Update the lvm module
In-Reply-To: <1426268394.997176.1471208149952.JavaMail.open-xchange@popper06.register.it>
References: <1426268394.997176.1471208149952.JavaMail.open-xchange@popper06.register.it>
Message-ID: <a94796a9-d642-9f74-9733-91ec6c8bccc1@gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 08/14/2016 10:55 PM, Guido Trentalancia wrote:
> Update the lvm module to add a permission needed by cryptsetup.
> 
> Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
> ---
>  policy/modules/system/lvm.te |    5 +++++
>  1 file changed, 5 insertions(+)
> 
> --- refpolicy-git-06082016-orig/policy/modules/system/lvm.te	2016-08-06
> 21:26:43.305774396 +0200
> +++ refpolicy-git-06082016/policy/modules/system/lvm.te	2016-08-14
> 22:46:26.233136106 +0200
> @@ -179,6 +179,7 @@ allow lvm_t self:fifo_file manage_fifo_f
>  allow lvm_t self:unix_dgram_socket create_socket_perms;
>  allow lvm_t self:netlink_kobject_uevent_socket create_socket_perms;
>  allow lvm_t self:sem create_sem_perms;
> +allow lvm_t self:socket create_stream_socket_perms;

allow lvm_t self:socket create_socket_perms;

>  
>  allow lvm_t self:unix_stream_socket { connectto create_stream_socket_perms };
>  allow lvm_t clvmd_t:unix_stream_socket { connectto rw_socket_perms };
> @@ -253,6 +254,8 @@ dev_dontaudit_getattr_generic_chr_files(
>  dev_dontaudit_getattr_generic_blk_files(lvm_t)
>  dev_dontaudit_getattr_generic_pipes(lvm_t)
>  dev_create_generic_dirs(lvm_t)
> +# the following one is needed by cryptsetup
> +dev_getattr_fs(lvm_t)
>  
>  domain_use_interactive_fds(lvm_t)
>  domain_read_all_domains_state(lvm_t)
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy
> 


-- 
Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8  02D5 3B6C 5F1D 2C7B 6B02
https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02
Dominick Grift

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: OpenPGP digital signature
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20160814/3c394a23/attachment.bin