[DSE-User] SELinux on Wheezy: rpcbind
Arno Schuring
aelschuring at hotmail.com
Sat Feb 11 14:32:53 UTC 2012
Another fcontext-only change. However, I needed to fix the rpcbind
startup script (#658369) to avoid labeling issues for the contents
of /run/rpcbind as well.
Regards,
Arno
-8<--
diff --git a/policy/modules/services/rpcbind.fc b/policy/modules/services/rpcbind.fc
index f5c47d6..ed1d024 100644
--- a/policy/modules/services/rpcbind.fc
+++ b/policy/modules/services/rpcbind.fc
@@ -5,5 +5,9 @@
/var/lib/rpcbind(/.*)? gen_context(system_u:object_r:rpcbind_var_lib_t,s0)
/var/run/rpc.statd\.pid -- gen_context(system_u:object_r:rpcbind_var_run_t,s0)
+/run/rpc.statd\.pid -- gen_context(system_u:object_r:rpcbind_var_run_t,s0)
/var/run/rpcbind\.lock -- gen_context(system_u:object_r:rpcbind_var_run_t,s0)
+/run/rpcbind\.lock -- gen_context(system_u:object_r:rpcbind_var_run_t,s0)
/var/run/rpcbind\.sock -s gen_context(system_u:object_r:rpcbind_var_run_t,s0)
+/run/rpcbind\.sock -s gen_context(system_u:object_r:rpcbind_var_run_t,s0)
+/run/rpcbind/.* -- gen_context(system_u:object_r:rpcbind_var_run_t,s0)
diff --git a/policy/modules/services/rpcbind.te b/policy/modules/services/rpcbind.te
index d6d76e1..c646274 100644
--- a/policy/modules/services/rpcbind.te
+++ b/policy/modules/services/rpcbind.te
@@ -1,4 +1,4 @@
-policy_module(rpcbind, 1.5.0)
+policy_module(rpcbind, 1.5.2)
########################################
#
More information about the Selinux-user
mailing list