commit: 4f1ef29d168da11699a2dd5dcf9d7242bf5d1515 Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com> AuthorDate: Fri Oct 23 18:35:45 2015 +0000 Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> CommitDate: Mon Oct 26 04:10:16 2015 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=4f1ef29d
Add systemd socket activations. policy/modules/contrib/avahi.te | 1 + policy/modules/contrib/cups.te | 1 + policy/modules/contrib/dbus.te | 1 + policy/modules/contrib/iscsi.te | 1 + policy/modules/contrib/rpcbind.te | 1 + 5 files changed, 5 insertions(+) diff --git a/policy/modules/contrib/avahi.te b/policy/modules/contrib/avahi.te index 46d5aba..161763f 100644 --- a/policy/modules/contrib/avahi.te +++ b/policy/modules/contrib/avahi.te @@ -8,6 +8,7 @@ policy_module(avahi, 1.15.1) type avahi_t; type avahi_exec_t; init_daemon_domain(avahi_t, avahi_exec_t) +init_named_socket_activation(avahi_t, avahi_var_run_t) type avahi_initrc_exec_t; init_script_file(avahi_initrc_exec_t) diff --git a/policy/modules/contrib/cups.te b/policy/modules/contrib/cups.te index 662b991..261dc06 100644 --- a/policy/modules/contrib/cups.te +++ b/policy/modules/contrib/cups.te @@ -15,6 +15,7 @@ files_pid_file(cupsd_config_var_run_t) type cupsd_t; type cupsd_exec_t; init_daemon_domain(cupsd_t, cupsd_exec_t) +init_named_socket_activation(cupsd_t, cupsd_var_run_t) mls_trusted_object(cupsd_t) type cupsd_etc_t; diff --git a/policy/modules/contrib/dbus.te b/policy/modules/contrib/dbus.te index e79a81a..e32b70a 100644 --- a/policy/modules/contrib/dbus.te +++ b/policy/modules/contrib/dbus.te @@ -35,6 +35,7 @@ userdom_user_tmp_file(session_dbusd_tmp_t) type system_dbusd_t; init_system_domain(system_dbusd_t, dbusd_exec_t) +init_named_socket_activation(system_dbusd_t, system_dbusd_var_run_t) type system_dbusd_tmp_t; files_tmp_file(system_dbusd_tmp_t) diff --git a/policy/modules/contrib/iscsi.te b/policy/modules/contrib/iscsi.te index 070f8e3..43f85f3 100644 --- a/policy/modules/contrib/iscsi.te +++ b/policy/modules/contrib/iscsi.te @@ -8,6 +8,7 @@ policy_module(iscsi, 1.9.1) type iscsid_t; type iscsid_exec_t; init_daemon_domain(iscsid_t, iscsid_exec_t) +init_abstract_socket_activation(iscsid_t) type iscsi_initrc_exec_t; init_script_file(iscsi_initrc_exec_t) diff --git a/policy/modules/contrib/rpcbind.te b/policy/modules/contrib/rpcbind.te index 9cdb548..fab6184 100644 --- a/policy/modules/contrib/rpcbind.te +++ b/policy/modules/contrib/rpcbind.te @@ -8,6 +8,7 @@ policy_module(rpcbind, 1.8.2) type rpcbind_t; type rpcbind_exec_t; init_daemon_domain(rpcbind_t, rpcbind_exec_t) +init_named_socket_activation(rpcbind_t, rpcbind_var_run_t) type rpcbind_initrc_exec_t; init_script_file(rpcbind_initrc_exec_t)
