From d9ab02548bfa95eb4e9db6e1045e25aeb0d4468a Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Sep 24 2007 12:42:07 +0000 Subject: - Fix service start stop terminal avc's --- diff --git a/policy-20070703.patch b/policy-20070703.patch index 2dd68b3..515a91b 100644 --- a/policy-20070703.patch +++ b/policy-20070703.patch @@ -8046,6 +8046,30 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/radi corecmd_exec_bin(radiusd_t) corecmd_exec_shell(radiusd_t) +diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/remotelogin.if serefpolicy-3.0.8/policy/modules/services/remotelogin.if +--- nsaserefpolicy/policy/modules/services/remotelogin.if 2007-05-29 14:10:57.000000000 -0400 ++++ serefpolicy-3.0.8/policy/modules/services/remotelogin.if 2007-09-24 07:36:26.000000000 -0400 +@@ -18,3 +18,20 @@ + auth_domtrans_login_program($1,remote_login_t) + ') + ++######################################## ++## ++## allow Domain to signal remote login domain. ++## ++## ++## ++## The type of the process performing this action. ++## ++## ++# ++interface(`remotelogin_signal',` ++ gen_require(` ++ type remote_login_t; ++ ') ++ ++ allow $1 remote_login_t:process signal; ++') diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/remotelogin.te serefpolicy-3.0.8/policy/modules/services/remotelogin.te --- nsaserefpolicy/policy/modules/services/remotelogin.te 2007-06-11 16:05:30.000000000 -0400 +++ serefpolicy-3.0.8/policy/modules/services/remotelogin.te 2007-09-17 16:20:18.000000000 -0400