From 95b8223eedad867fd479e14bececfea14dc93e8e Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Sep 08 2006 17:21:28 +0000 Subject: cleanups --- diff --git a/policy/modules/kernel/corenetwork.te.m4 b/policy/modules/kernel/corenetwork.te.m4 index ecae862..d7a1a27 100644 --- a/policy/modules/kernel/corenetwork.te.m4 +++ b/policy/modules/kernel/corenetwork.te.m4 @@ -32,19 +32,6 @@ type $1_node_t alias node_$1_t, node_type; declare_nodes($1_node_t,shift($*)) ') -# These next three macros have formatting, and should not me indented -define(`determine_reserved_capability',`dnl -ifelse(eval($2 < 1024),1,``allow' dollarsone self:capability net_bind_service;',`dnl -ifelse($4,`',`',`determine_reserved_capability(shiftn(3,$*))')dnl end inner ifelse -')dnl end outer ifelse -') dnl end determine reserved capability - -define(`determine_reserved_capability_depend',`dnl -ifelse(eval($2 < 1024),1,`class capability net_bind_service;',`dnl -ifelse($4,`',`',`determine_reserved_capability_depend(shiftn(3,$*))')dnl end inner ifelse -')dnl end outer ifelse -') dnl end determine reserved capability depend - define(`declare_ports',`dnl ifelse(eval($3 < 1024),1,` typeattribute $1 reserved_port_type; diff --git a/policy/modules/services/samba.te b/policy/modules/services/samba.te index 961a000..6c35428 100644 --- a/policy/modules/services/samba.te +++ b/policy/modules/services/samba.te @@ -138,6 +138,7 @@ logging_send_syslog_msg(samba_net_t) miscfiles_read_localization(samba_net_t) sysnet_read_config(samba_net_t) +sysnet_use_ldap(samba_net_t) userdom_dontaudit_search_sysadm_home_dirs(samba_net_t) @@ -151,19 +152,6 @@ optional_policy(` ') optional_policy(` - allow samba_net_t self:tcp_socket create_socket_perms; - corenet_tcp_sendrecv_all_if(samba_net_t) - corenet_raw_sendrecv_all_if(samba_net_t) - corenet_tcp_sendrecv_all_nodes(samba_net_t) - corenet_raw_sendrecv_all_nodes(samba_net_t) - corenet_tcp_sendrecv_ldap_port(samba_net_t) - corenet_non_ipsec_sendrecv(samba_net_t) - corenet_tcp_bind_all_nodes(samba_net_t) - sysnet_read_config(samba_net_t) - corenet_tcp_connect_ldap_port(samba_net_t) -') - -optional_policy(` nscd_socket_use(samba_net_t) ')