From 6d9915d615739187ff98589dc98f69c835b8406d Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Jun 01 2005 19:01:28 +0000 Subject: add missing pieces of crond_t -> $1_crond_t transition --- diff --git a/refpolicy/policy/modules/services/cron.if b/refpolicy/policy/modules/services/cron.if index 9339350..f5a9d04 100644 --- a/refpolicy/policy/modules/services/cron.if +++ b/refpolicy/policy/modules/services/cron.if @@ -46,6 +46,10 @@ allow $1_crond_t $1_cron_spool_t:file entrypoint; # transition, since crontabs are configuration files, not executables. allow crond_t $1_crond_t:process transition; dontaudit crond_t $1_crond_t:process { noatsecure siginh rlimitinh }; +allow crond_t $1_crond_t:fd use; +allow $1_crond_t crond_t:fd use; +allow $1_crond_t crond_t:fifo_file rw_file_perms; +allow $1_crond_t crond_t:process sigchld; kernel_read_system_state($1_crond_t) kernel_read_kernel_sysctl($1_crond_t)