Merge branch 'master' of ssh://git.camperquake.de:22003/selinux

diff --git a/tf2/tf2.te b/tf2/tf2.te
index cce8993..bf69c5d 100644 (file)
--- a/tf2/tf2.te
+++ b/tf2/tf2.te
@@ -1,4 +1,4 @@
-policy_module(tf2, 0.1.24)
+policy_module(tf2, 0.1.25)
 
 require {
     type default_t;
@@ -32,6 +32,7 @@ corenet_tcp_bind_generic_node(tf2_t)
 read_files_pattern(tf2_t, tf2_ro_t, tf2_ro_t)
 read_lnk_files_pattern(tf2_t, tf2_ro_t, tf2_ro_t)
 list_dirs_pattern(tf2_t, tf2_ro_t, tf2_ro_t)
+mmap_files_pattern(tf2_t, tf2_ro_t, tf2_ro_t)
 
 manage_files_pattern(tf2_t, tf2_rw_t, tf2_rw_t)
 manage_dirs_pattern(tf2_t, tf2_rw_t, tf2_rw_t)

diff --git a/ts3/ts3.te b/ts3/ts3.te
index 3688ad6..1700cf3 100644 (file)
--- a/ts3/ts3.te
+++ b/ts3/ts3.te
@@ -1,4 +1,4 @@
-policy_module(ts3, 0.1.23)
+policy_module(ts3, 0.1.28)
 
 # File context for the executable process
 type ts3_t;
@@ -23,11 +23,15 @@ allow ts3_t self:tcp_socket { create_stream_socket_perms connected_stream_socket
 
 read_files_pattern(ts3_t, ts3_ro_t, ts3_ro_t)
 list_dirs_pattern(ts3_t, ts3_ro_t, ts3_ro_t)
+mmap_exec_files_pattern(ts3_t, ts3_ro_t, ts3_ro_t)
 
 manage_files_pattern(ts3_t, ts3_rw_t, ts3_rw_t)
 manage_dirs_pattern(ts3_t, ts3_rw_t, ts3_rw_t)
+mmap_exec_files_pattern(ts3_t, ts3_rw_t, ts3_rw_t)
 setattr_files_pattern(ts3_t, ts3_rw_t, ts3_rw_t)
 
+mmap_exec_files_pattern(ts3_t, tmpfs_t, tmpfs_t)
+
 sysnet_dns_name_resolve(ts3_t)
 
 # Needed to load shared libraries