2008-09-24 20:04:48

by Daniel Walsh

[permalink] [raw]
Subject: [refpolicy] services_setroubleshoot.patch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_setroubleshoot.patch

Add initrc script support

allow admin to start/stop service

Admin needs admin_pattern on all file types

Clean up stream interface

setroubleshoot sets sys_nice

send kill signals and sigkill to itself, plus getattr on itself

reads netsysctls

lists all processes


does a getattr on any file/device on the system to check context

can attempt to read nfs file systems

Sends audit messages

Now uses audit2why so needs to read binary policy

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkjanWAACgkQrlYvE4MpobOnCACaAoaPfdrj4YGgO93CwgsyRRXd
REEAn16r0mh+sXkrUSDy+ztKkXtpGTJC
=3c7+
-----END PGP SIGNATURE-----