* gentoo diff for snort
@ 2004-11-15 16:24 petre rodan
From: petre rodan @ 2004-11-15 16:24 UTC (permalink / raw)
  To: selinux



Hi,

diff needed by snort 2.2.0

bye,
peter

-- 
petre rodan
<kaiowas@gentoo.org>
Developer,
Hardened Gentoo Linux

[-- Attachment #1.2: selinux-snort.diff --]

--- /root/public_html/policy/nsa/file_contexts/program/snort.fc	2003-11-28 16:57:12.000000000 +0200
+++ /root/cvs/cvs.gentoo.org/gentoo-projects/selinux/snort/snort.fc	2004-10-28 17:00:48.000000000 +0300
@@ -1,4 +1,4 @@
 # SNORT
-/usr/sbin/snort	--	system_u:object_r:snort_exec_t
+/usr/(s)?bin/snort --	system_u:object_r:snort_exec_t
 /etc/snort(/.*)?	system_u:object_r:snort_etc_t
 /var/log/snort(/.*)?	system_u:object_r:snort_log_t
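Review bot: the new `/usr/(s)?bin/snort` entry in snort.fc widens the label to /usr/bin/snort as well as /usr/sbin/snort, which is presumably the point for Gentoo's install path, but the capturing group is unnecessary and `/usr/s?bin/snort` says the same thing more plainly; the replaced line also swaps the tab separators for a space followed by a tab, which file_contexts parsing tolerates but which breaks the column alignment with the neighbouring `/etc/snort(/.*)?` and `/var/log/snort(/.*)?` entries, so the original tabs should be kept.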
--- /root/public_html/policy/nsa/domains/program/unused/snort.te	2004-06-25 23:02:24.000000000 +0300
+++ /root/cvs/cvs.gentoo.org/gentoo-projects/selinux/snort/snort.te	2004-10-28 16:58:33.000000000 +0300
@@ -7,7 +7,8 @@
 
 daemon_domain(snort)
 
-log_domain(snort)
+logdir_domain(snort)
+allow snort_t snort_log_t:dir create;
 can_network(snort_t)
 type snort_etc_t, file_type, sysadmfile;
 
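Review bot: the explicit `allow snort_t snort_log_t:dir create;` placed right after `logdir_domain(snort)` needs a comment saying which directory snort creates under its log tree and why the macro is not sufficient; if `logdir_domain` already grants dir create to snort_t on snort_log_t the line is redundant and should be dropped, and if it does not, the comment is the only record of why the policy goes beyond the macro.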
@@ -17,7 +18,7 @@
 # use iptable netlink
 allow snort_t self:netlink_route_socket { bind create getattr nlmsg_read read write };
 allow snort_t self:packet_socket create_socket_perms;
-allow snort_t self:capability { setgid setuid net_admin net_raw };
+allow snort_t self:capability { setgid setuid net_admin net_raw dac_override };
 
 r_dir_file(snort_t, snort_etc_t)
 allow snort_t etc_t:file { getattr read };
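Review bot: adding `dac_override` to snort_t's capability set in the second hunk should be justified in a comment, because that capability lets the domain bypass discretionary permission checks on every file the type enforcement rules already let it reach, which is far broader than the net_admin and net_raw rights next to it; the `setgid setuid` in the same line suggests snort drops privileges after start-up, so a common cause of the denial is a file or directory it later opens being owned by root, and fixing the ownership of that path removes the need for the capability, while an access that is attempted but not required is better handled with a dontaudit than with a grant.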
@@ -28,3 +29,5 @@
 
 # for start script
 allow initrc_t snort_etc_t:file read;
+
+dontaudit snort_t { etc_runtime_t proc_t }:file read;
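Review bot: the new `dontaudit snort_t { etc_runtime_t proc_t }:file read;` at the end of snort.te suppresses audit messages rather than resolving the access, so it should carry a comment naming the files whose denials it is meant to hide; a dontaudit on proc_t:file read in particular will also mask a genuine failure if snort later needs to read something under /proc, and the rule would read better under its own comment than appended after the `# for start script` block, which concerns initrc_t rather than snort_t.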


* Re: gentoo diff for snort
From: James Carter @ 2004-11-18 20:01 UTC (permalink / raw)
  To: petre rodan; +Cc: SELinux

Merged.

On Mon, 2004-11-15 at 11:24, petre rodan wrote:
> Hi,
> 
> diff needed by snort 2.2.0
> 
> bye,
> peter
-- 
James Carter <jwcart2@epoch.ncsc.mil>
National Security Agency

