git://git.camperquake.de
/
selinux.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add directory read permissions for ro marked dirs
[selinux.git]
/
q3a
/
q3a.te
diff --git
a/q3a/q3a.te
b/q3a/q3a.te
index
ef9da68
..
d0c204d
100644
(file)
--- a/
q3a/q3a.te
+++ b/
q3a/q3a.te
@@
-1,4
+1,4
@@
-policy_module(q3a, 0.1.2
3
)
+policy_module(q3a, 0.1.2
4
)
# File context for the executable process
type q3a_t;
# File context for the executable process
type q3a_t;
@@
-19,6
+19,7
@@
corenet_udp_bind_generic_port(q3a_t)
corenet_udp_bind_generic_node(q3a_t)
read_files_pattern(q3a_t, q3a_ro_t, q3a_ro_t)
corenet_udp_bind_generic_node(q3a_t)
read_files_pattern(q3a_t, q3a_ro_t, q3a_ro_t)
+list_dirs_pattern(q3a_t, q3a_ro_t, q3a_ro_t)
allow q3a_t q3a_ro_t:dir list_dir_perms;
allow q3a_t q3a_ro_t:file read_file_perms;
allow q3a_t q3a_ro_t:dir list_dir_perms;
allow q3a_t q3a_ro_t:file read_file_perms;