From ab64c30fc33044c2f0d6593ee83b9f919df7fc2f Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: May 02 2005 21:01:31 +0000 Subject: add newrole:fd use --- diff --git a/refpolicy/policy/modules/system/selinux.if b/refpolicy/policy/modules/system/selinux.if index 9804950..04a7274 100644 --- a/refpolicy/policy/modules/system/selinux.if +++ b/refpolicy/policy/modules/system/selinux.if @@ -126,6 +126,20 @@ class process sigchld; ####################################### # +# selinux_newrole_use_file_descriptors(domain) +# +define(`selinux_newrole_use_file_descriptors',` +requires_block_template(selinux_newrole_use_file_descriptors_depend) +allow $1 newrole_t:fd use; +') + +define(`selinux_newrole_use_file_descriptors_depend',` +type newrole_t; +class fd use; +') + +####################################### +# # selinux_restorecon_transition(domain) # define(`selinux_restorecon_transition',` diff --git a/refpolicy/policy/modules/system/selinuxutil.if b/refpolicy/policy/modules/system/selinuxutil.if index 9804950..04a7274 100644 --- a/refpolicy/policy/modules/system/selinuxutil.if +++ b/refpolicy/policy/modules/system/selinuxutil.if @@ -126,6 +126,20 @@ class process sigchld; ####################################### # +# selinux_newrole_use_file_descriptors(domain) +# +define(`selinux_newrole_use_file_descriptors',` +requires_block_template(selinux_newrole_use_file_descriptors_depend) +allow $1 newrole_t:fd use; +') + +define(`selinux_newrole_use_file_descriptors_depend',` +type newrole_t; +class fd use; +') + +####################################### +# # selinux_restorecon_transition(domain) # define(`selinux_restorecon_transition',`