quake2: Add execmem support

author Ralf Ertzinger <ralf@skytale.net>

Mon, 24 Aug 2015 17:53:12 +0000 (17:53 +0000)

committer Ralf Ertzinger <ralf@skytale.net>

Mon, 24 Aug 2015 17:53:12 +0000 (17:53 +0000)
author Ralf Ertzinger <ralf@skytale.net>
Mon, 24 Aug 2015 17:53:12 +0000 (17:53 +0000)
committer Ralf Ertzinger <ralf@skytale.net>
Mon, 24 Aug 2015 17:53:12 +0000 (17:53 +0000)
diff --git a/quake2/quake2.fc b/quake2/quake2.fc

index 0ae0145..eb03638 100644 (file)
--- a/quake2/quake2.fc
+++ b/quake2/quake2.fc
@@ -1,7 +1,7 @@
-/etank/games/quake2/quake2/quake2ded         --      gen_context(system_u:object_r:quake2_exec_t,s0)
-/etank/games/quake2/quake2/.*/gamex86_64.so  --      gen_context(system_u:object_r:quake2_exec_t,s0)
-/etank/games/quake2/quake2(/.*)?                     gen_context(system_u:object_r:quake2_ro_t,s0)
-/etank/games/quake2/quake2/lithium/save(/.*)?        gen_context(system_u:object_r:quake2_rw_t,s0)
-/etank/games/quake2/quake2/lithium/log(/.*)?         gen_context(system_u:object_r:quake2_rw_t,s0)
-/etank/games/quake2/quake2/lithium/.*log             gen_context(system_u:object_r:quake2_rw_t,s0)
-#/etank/games/quake2/.quake2(/.*)?                   gen_context(system_u:object_r:quake2_rw_t,s0)
+/etank/games/quake2/quake2/quake2ded([^/]*)?         --      gen_context(system_u:object_r:quake2_exec_t,s0)
+/etank/games/quake2/quake2/.*/game(x86_64|i386)\.so  --      gen_context(system_u:object_r:quake2_exec_t,s0)
+/etank/games/quake2/quake2(/.*)?                             gen_context(system_u:object_r:quake2_ro_t,s0)
+/etank/games/quake2/quake2/lithium/save(/.*)?                gen_context(system_u:object_r:quake2_rw_t,s0)
+/etank/games/quake2/quake2/lithium/log(/.*)?                 gen_context(system_u:object_r:quake2_rw_t,s0)
+/etank/games/quake2/quake2/lithium/.*log                     gen_context(system_u:object_r:quake2_rw_t,s0)
+#/etank/games/quake2/.quake2(/.*)?                           gen_context(system_u:object_r:quake2_rw_t,s0)
diff --git a/quake2/quake2.te b/quake2/quake2.te

index 1991c36..b1f62ec 100644 (file)
--- a/quake2/quake2.te
+++ b/quake2/quake2.te
@@ -1,4 +1,4 @@
-policy_module(quake2, 0.1.1)
+policy_module(quake2, 0.1.5)
  
  # File context for the executable process
  type quake2_t;
  
  # File context for the executable process
  type quake2_t;
@@ -30,3 +30,5 @@ setattr_files_pattern(quake2_t, quake2_rw_t, quake2_rw_t)
  
  sysnet_dns_name_resolve(quake2_t)
  files_tmp_filetrans(quake2_t, quake2_tmp_t, { file dir})
  
  sysnet_dns_name_resolve(quake2_t)
  files_tmp_filetrans(quake2_t, quake2_tmp_t, { file dir})
+
+allow quake2_t self:process execmem;
author	Ralf Ertzinger <ralf@skytale.net>
	Mon, 24 Aug 2015 17:53:12 +0000 (17:53 +0000)
committer	Ralf Ertzinger <ralf@skytale.net>
	Mon, 24 Aug 2015 17:53:12 +0000 (17:53 +0000)
quake2/quake2.fc		patch \| blob \| history
quake2/quake2.te		patch \| blob \| history