2008-11-20 15:22:15

by Daniel Walsh

[permalink] [raw]
Subject: [refpolicy] services_avahi.patch and services_dbus.patch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_avahi.patch


Added avahi_signull and avahi_initrc_domtrans both used by networkmanager

Also allow avahi to search var_lib and avahi is now started by dbus.



http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_dbus.patch

dbus needs to be ranged.

Fix system_dbusd_var_lib_t definition.

dbus needs getcap and setpgid

dbus can exec itself.

Lists inotify

dbus can be used to start initrc scripts and random binaries so needs to
transition to initrc_t. Probably should be blocked on mls machines.

Starts networkmanager, add dbus unconfiend

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkklgKcACgkQrlYvE4MpobNhwwCg1UlOZrS42vEEvkl0DSPRW4R4
S/MAoKDXPrQe+fZJkMgx3JaQhPJSrjRK
=DK63
-----END PGP SIGNATURE-----