|
 |
f38e8c |
diff --git a/glusterd.te b/glusterd.te
|
|
|
f38e8c |
index 382d67a996..322a4fe005 100644
|
|
|
f38e8c |
--- a/glusterd.te
|
|
|
f38e8c |
+++ b/glusterd.te
|
|
|
f38e8c |
@@ -331,3 +331,16 @@ optional_policy(`
|
|
|
f38e8c |
optional_policy(`
|
|
|
f38e8c |
ssh_exec(glusterd_t)
|
|
|
f38e8c |
')
|
|
|
f38e8c |
+
|
|
|
f38e8c |
+
|
|
|
f38e8c |
+########################################
|
|
|
f38e8c |
+#
|
|
|
f38e8c |
+# Local policy for ssh_keygen
|
|
|
f38e8c |
+#
|
|
|
f38e8c |
+
|
|
|
f38e8c |
+gen_require(`
|
|
|
f38e8c |
+ type ssh_keygen_t;
|
|
|
f38e8c |
+')
|
|
|
f38e8c |
+
|
|
|
f38e8c |
+manage_dirs_pattern(ssh_keygen_t, glusterd_var_lib_t, glusterd_var_lib_t)
|
|
|
f38e8c |
+manage_files_pattern(ssh_keygen_t, glusterd_var_lib_t, glusterd_var_lib_t)
|
|
|
f38e8c |
diff --git a/ldap.te b/ldap.te
|
|
|
f38e8c |
index 1c922b3402..9079ab40eb 100644
|
|
|
f38e8c |
--- a/ldap.te
|
|
|
f38e8c |
+++ b/ldap.te
|
|
|
f38e8c |
@@ -57,8 +57,8 @@ allow slapd_t self:process { setsched signal } ;
|
|
|
f38e8c |
allow slapd_t self:fifo_file rw_fifo_file_perms;
|
|
|
f38e8c |
allow slapd_t self:tcp_socket { accept listen };
|
|
|
f38e8c |
|
|
|
f38e8c |
-allow slapd_t slapd_cert_t:dir list_dir_perms;
|
|
|
f38e8c |
-read_files_pattern(slapd_t, slapd_cert_t, slapd_cert_t)
|
|
|
f38e8c |
+manage_dirs_pattern(slapd_t, slapd_cert_t, slapd_cert_t)
|
|
|
f38e8c |
+manage_files_pattern(slapd_t, slapd_cert_t, slapd_cert_t)
|
|
|
f38e8c |
read_lnk_files_pattern(slapd_t, slapd_cert_t, slapd_cert_t)
|
|
|
f38e8c |
|
|
|
f38e8c |
manage_dirs_pattern(slapd_t, slapd_db_t, slapd_db_t)
|