[gentoo-commits] proj/hardened-refpolicy:mailinfra commit in: policy/modules/contrib/

Sven Vermeulen Sun, 21 Sep 2014 07:08:47 -0700

commit:     251e3aeab13af9ef95032c5b207b5b3a165c1307
Author:     Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Aug 31 18:38:21 2014 +0000
Commit:     Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Sep 21 14:03:38 2014 +0000
URL:        
http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=251e3aea


Allow salt minion to read SELinux configuration

The rlpkg command, before executing setfiles (which involves a domain
transition), parses the SELinux configuration file.

---
 policy/modules/contrib/salt.te | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/policy/modules/contrib/salt.te b/policy/modules/contrib/salt.te
index 8388253..05dffec 100644
--- a/policy/modules/contrib/salt.te
+++ b/policy/modules/contrib/salt.te
@@ -311,6 +311,10 @@ optional_policy(`
 ')
 
 optional_policy(`
+       seutil_read_config(salt_minion_t)
+')
+
+optional_policy(`
        shutdown_domtrans(salt_minion_t)
 ')

[gentoo-commits] proj/hardened-refpolicy:mailinfra commit in: policy/modules/contrib/

Reply via email to