* [refpolicy] [PATCH 2/2] Allow Gentoo rc-update to manage runlevels, try 2
@ 2010-12-20 22:28 gizmo at giz-works.com
2011-01-05 15:29 ` Christopher J. PeBenito
0 siblings, 1 reply; 2+ messages in thread
From: gizmo at giz-works.com @ 2010-12-20 22:28 UTC (permalink / raw)
To: refpolicy
From: Chris Richards <gizmo@giz-works.com>
rc-update cannot properly update the system runlevels, even when run
as the root user in sysadm role.
Signed-off-by: Chris Richards <gizmo@giz-works.com>
---
policy/modules/system/selinuxutil.te | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te
index ff5d72d..9a71b6e 100644
--- a/policy/modules/system/selinuxutil.te
+++ b/policy/modules/system/selinuxutil.te
@@ -405,6 +405,10 @@ ifndef(`direct_sysadm_daemon',`
')
')
+ifdef(`distro_gentoo',`
+ init_manage_script_runlevel_files(run_init_t)
+')
+
ifdef(`distro_ubuntu',`
optional_policy(`
unconfined_domain(run_init_t)
--
1.7.3.2
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [refpolicy] [PATCH 2/2] Allow Gentoo rc-update to manage runlevels, try 2
2010-12-20 22:28 [refpolicy] [PATCH 2/2] Allow Gentoo rc-update to manage runlevels, try 2 gizmo at giz-works.com
@ 2011-01-05 15:29 ` Christopher J. PeBenito
0 siblings, 0 replies; 2+ messages in thread
From: Christopher J. PeBenito @ 2011-01-05 15:29 UTC (permalink / raw)
To: refpolicy
On 12/20/10 17:28, gizmo at giz-works.com wrote:
> From: Chris Richards <gizmo@giz-works.com>
>
> rc-update cannot properly update the system runlevels, even when run
> as the root user in sysadm role.
rc-update should not be running in run_init_t.
> Signed-off-by: Chris Richards <gizmo@giz-works.com>
> ---
> policy/modules/system/selinuxutil.te | 4 ++++
> 1 files changed, 4 insertions(+), 0 deletions(-)
>
> diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te
> index ff5d72d..9a71b6e 100644
> --- a/policy/modules/system/selinuxutil.te
> +++ b/policy/modules/system/selinuxutil.te
> @@ -405,6 +405,10 @@ ifndef(`direct_sysadm_daemon',`
> ')
> ')
>
> +ifdef(`distro_gentoo',`
> + init_manage_script_runlevel_files(run_init_t)
> +')
> +
> ifdef(`distro_ubuntu',`
> optional_policy(`
> unconfined_domain(run_init_t)
--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2011-01-05 15:29 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-12-20 22:28 [refpolicy] [PATCH 2/2] Allow Gentoo rc-update to manage runlevels, try 2 gizmo at giz-works.com
2011-01-05 15:29 ` Christopher J. PeBenito
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.