[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

lvm.te patch

To: "SE-Linux" <selinux@xxxxxxxxxxxxx>, Daniel J Walsh <dwalsh@xxxxxxxxxx>
Subject: lvm.te patch
From: Russell Coker <russell@xxxxxxxxxxxx>
Date: Tue, 9 Aug 2005 17:58:30 +1000
Reply-to: russell@xxxxxxxxxxxx
Sender: owner-selinux@xxxxxxxxxxxxx
User-agent: KMail/1.8.2

The attached policy patch is needed for creating a new LV with lvcreate.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

--- domains/program/lvm.te.orig	2005-08-09 17:57:25.000000000 +1000
+++ domains/program/lvm.te	2005-08-09 17:57:43.000000000 +1000
@@ -64,7 +64,7 @@
 allow lvm_t { random_device_t urandom_device_t }:chr_file { getattr read ioctl };
 
 # DAC overrides and mknod for modifying /dev entries (vgmknodes)
-allow lvm_t self:capability { dac_override ipc_lock sys_admin sys_nice sys_resource mknod };
+allow lvm_t self:capability { chown dac_override ipc_lock sys_admin sys_nice sys_resource mknod };
 
 # Write to /etc/lvm, /etc/lvmtab, /etc/lvmtab.d
 file_type_auto_trans(lvm_t, { etc_t lvm_etc_t }, lvm_metadata_t, file)

Prev by Date: Re: Attributes in new binary format
Next by Date: spamassassin policy
Previous by thread: RE: Category Translation patch for MCS/MLS Policy
Next by thread: spamassassin policy
Index(es):
- Date
- Thread

This mailing list archive is a service of Copilot Consulting.