From 390b8a821be60ade965372c1049a60ace9eda441 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Mar 22 2010 19:19:50 +0000
Subject: Radvd patch from Dan Walsh.


---

diff --git a/policy/modules/services/radvd.te b/policy/modules/services/radvd.te
index 8ab8db6..d72dc56 100644
--- a/policy/modules/services/radvd.te
+++ b/policy/modules/services/radvd.te
@@ -1,5 +1,5 @@
 
-policy_module(radvd, 1.11.1)
+policy_module(radvd, 1.11.2)
 
 ########################################
 #
@@ -22,9 +22,9 @@ files_config_file(radvd_etc_t)
 #
 # Local policy
 #
-allow radvd_t self:capability { setgid setuid net_raw net_admin };
+allow radvd_t self:capability { kill setgid setuid net_raw net_admin };
 dontaudit radvd_t self:capability sys_tty_config;
-allow radvd_t self:process signal_perms;
+allow radvd_t self:process { fork signal_perms };
 allow radvd_t self:unix_dgram_socket create_socket_perms;
 allow radvd_t self:unix_stream_socket create_socket_perms;
 allow radvd_t self:rawip_socket create_socket_perms;
@@ -64,20 +64,16 @@ domain_use_interactive_fds(radvd_t)
 files_read_etc_files(radvd_t)
 files_list_usr(radvd_t)
 
+auth_use_nsswitch(radvd_t)
+
 logging_send_syslog_msg(radvd_t)
 
 miscfiles_read_localization(radvd_t)
 
-sysnet_read_config(radvd_t)
-
 userdom_dontaudit_use_unpriv_user_fds(radvd_t)
 userdom_dontaudit_search_user_home_dirs(radvd_t)
 
 optional_policy(`
-	nis_use_ypbind(radvd_t)
-')
-
-optional_policy(`
 	seutil_sigchld_newrole(radvd_t)
 ')