[node-patches] Change in ovirt-node[master]: selinux: Additional rules
fabiand at fedoraproject.org
fabiand at fedoraproject.org
Fri Apr 19 12:09:16 UTC 2013
Fabian Deutsch has uploaded a new change for review.
Change subject: selinux: Additional rules
......................................................................
selinux: Additional rules
Change-Id: I3f119f28bed42f97f826a7f2423f11e1067b2069
Signed-off-by: Fabian Deutsch <fabiand at fedoraproject.org>
---
M semodule/ovirt.te
1 file changed, 9 insertions(+), 1 deletion(-)
git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/74/14074/1
diff --git a/semodule/ovirt.te b/semodule/ovirt.te
index f59925c..4f31f0a 100644
--- a/semodule/ovirt.te
+++ b/semodule/ovirt.te
@@ -11,9 +11,17 @@
type shadow_t;
')
+#============= collectd_t ==============
+allow collectd_t passwd_file_t:file read;
+allow collectd_t virtd_exec_t:file getattr;
+allow collectd_t virt_etc_t:file read;
+
+#============= systemd_localed_t ==============
+allow systemd_localed_t etc_t:file { write rename create setattr };
+allow systemd_localed_t init_t:dbus send_msg;
+
allow mount_t shadow_t:file mounton;
allow setfiles_t net_conf_t:file read;
-allow collectd_t virt_etc_t:file read;
allow loadkeys_t initrc_tmp_t:file read;
type ovirt_t;
--
To view, visit http://gerrit.ovirt.org/14074
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I3f119f28bed42f97f826a7f2423f11e1067b2069
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-node
Gerrit-Branch: master
Gerrit-Owner: Fabian Deutsch <fabiand at fedoraproject.org>
More information about the node-patches
mailing list