1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
Subject: [PATCH] refpolicy: fix real path for bind.
Upstream-Status: Inappropriate [configuration]
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
---
policy/modules/contrib/bind.fc | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/policy/modules/contrib/bind.fc b/policy/modules/contrib/bind.fc
index 59aa54f..3275671 100644
--- a/policy/modules/contrib/bind.fc
+++ b/policy/modules/contrib/bind.fc
@@ -1,10 +1,19 @@
/etc/rc\.d/init\.d/named -- gen_context(system_u:object_r:named_initrc_exec_t,s0)
+/etc/rc\.d/init\.d/bind -- gen_context(system_u:object_r:named_initrc_exec_t,s0)
/etc/rc\.d/init\.d/unbound -- gen_context(system_u:object_r:named_initrc_exec_t,s0)
/etc/rndc.* -- gen_context(system_u:object_r:named_conf_t,s0)
/etc/rndc\.key -- gen_context(system_u:object_r:dnssec_t,s0)
/etc/unbound(/.*)? gen_context(system_u:object_r:named_conf_t,s0)
+/etc/bind(/.*)? gen_context(system_u:object_r:named_zone_t,s0)
+/etc/bind/named\.conf -- gen_context(system_u:object_r:named_conf_t,s0)
+/etc/bind/named\.conf\.local -- gen_context(system_u:object_r:named_conf_t,s0)
+/etc/bind/named\.conf\.options -- gen_context(system_u:object_r:named_conf_t,s0)
+/etc/bind/rndc\.conf -- gen_context(system_u:object_r:named_conf_t,s0)
+/etc/bind/rndc\.key -- gen_context(system_u:object_r:dnssec_t,s0)
+/var/cache/bind(/.*)? gen_context(system_u:object_r:named_cache_t,s0)
+
/usr/sbin/lwresd -- gen_context(system_u:object_r:named_exec_t,s0)
/usr/sbin/named -- gen_context(system_u:object_r:named_exec_t,s0)
/usr/sbin/named-checkconf -- gen_context(system_u:object_r:named_checkconf_exec_t,s0)
--
1.7.9.5
|
