diff --git a/Changelog b/Changelog index 7b518cc..c286d15 100644 --- a/Changelog +++ b/Changelog @@ -1,3 +1,4 @@ +- Fix ptys and ttys to be device nodes. - Fix explicit use of httpd_t in openca_domtrans(). - Clean up file context regexes in apache and java, from Eamon Walsh. - Patches from Dan Walsh: diff --git a/policy/modules/kernel/terminal.if b/policy/modules/kernel/terminal.if index 1e2d703..fde29f6 100644 --- a/policy/modules/kernel/terminal.if +++ b/policy/modules/kernel/terminal.if @@ -19,7 +19,7 @@ interface(`term_pty',` type devpts_t; ') - files_type($1) + dev_node($1) allow $1 devpts_t:filesystem associate; typeattribute $1 ptynode; ') @@ -89,13 +89,7 @@ interface(`term_tty',` typeattribute $1 ttynode, serial_device; - # cjp: ? - files_associate_tmp($1) - - # static /dev: - fs_associate($1) - # udev: - fs_associate_tmpfs($1) + dev_node($1) ') ######################################## diff --git a/policy/modules/kernel/terminal.te b/policy/modules/kernel/terminal.te index 8be16a1..a5e4d8d 100644 --- a/policy/modules/kernel/terminal.te +++ b/policy/modules/kernel/terminal.te @@ -1,5 +1,5 @@ -policy_module(terminal,1.3.0) +policy_module(terminal,1.3.1) ######################################## #