All of lore.kernel.org
 help / color / mirror / Atom feed
* [refpolicy] allow postgresql_t to read selabel files
@ 2011-04-15  8:40 Kohei Kaigai
  2011-04-15 14:39 ` Christopher J. PeBenito
  0 siblings, 1 reply; 2+ messages in thread
From: Kohei Kaigai @ 2011-04-15  8:40 UTC (permalink / raw)
  To: refpolicy

The attached patch allows postgresql_t domain to read selabel definition files
(such as /etc/selinux/targeted/contexts/sepgsql_contexts).

The upcoming version (v9.1) uses selabel_lookup(3) to assign initial security context
of database objects, we need to allow this reference.

Thanks,
--
NEC Europe Ltd, SAP Global Competence Center
KaiGai Kohei <kohei.kaigai@eu.nec.com>


-------------- next part --------------
A non-text attachment was scrubbed...
Name: refpolicy-pgsql-selabel.1.patch
Type: application/octet-stream
Size: 506 bytes
Desc: refpolicy-pgsql-selabel.1.patch
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20110415/17aef5f6/attachment.obj 

^ permalink raw reply	[flat|nested] 2+ messages in thread
* [refpolicy] allow postgresql_t to read selabel files
  2011-04-15  8:40 [refpolicy] allow postgresql_t to read selabel files Kohei Kaigai
@ 2011-04-15 14:39 ` Christopher J. PeBenito
  0 siblings, 0 replies; 2+ messages in thread
From: Christopher J. PeBenito @ 2011-04-15 14:39 UTC (permalink / raw)
  To: refpolicy

On 4/15/2011 4:40 AM, Kohei Kaigai wrote:
> The attached patch allows postgresql_t domain to read selabel definition files
> (such as /etc/selinux/targeted/contexts/sepgsql_contexts).
>
> The upcoming version (v9.1) uses selabel_lookup(3) to assign initial security context
> of database objects, we need to allow this reference.

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2011-04-15 14:39 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-04-15  8:40 [refpolicy] allow postgresql_t to read selabel files Kohei Kaigai
2011-04-15 14:39 ` Christopher J. PeBenito

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.