Add noatsecure to programs using LD_PRELOAD (CoD4, TS3, TF2)

diff --git a/cod4/cod4.te b/cod4/cod4.te
index 6b0284d..389e4bc 100644 (file)
--- a/cod4/cod4.te
+++ b/cod4/cod4.te
@@ -1,4 +1,4 @@
-policy_module(cod4, 0.1.26)
+policy_module(cod4, 0.1.30)
 
 # File context for the executable process
 type cod4_t;
@@ -23,3 +23,5 @@ manage_dirs_pattern(cod4_t, cod4_rw_t, cod4_rw_t)
 setattr_files_pattern(cod4_t, cod4_rw_t, cod4_rw_t)
 
 sysnet_dns_name_resolve(cod4_t)
+
+allow init_t cod4_t:process { noatsecure };

diff --git a/tf2/tf2.te b/tf2/tf2.te
index 1e08a9f..fd3f755 100644 (file)
--- a/tf2/tf2.te
+++ b/tf2/tf2.te
@@ -51,3 +51,5 @@ kernel_read_network_state(tf2_t)
 
 # There's a lot of noise from these accesses
 dontaudit tf2_t default_t:dir read;
+
+allow init_t tf2_t:process { noatsecure };

diff --git a/ts3/ts3.fc b/ts3/ts3.fc
index 67a8648..b5e2b9a 100644 (file)
--- a/ts3/ts3.fc
+++ b/ts3/ts3.fc
@@ -1,4 +1,5 @@
 /opt/teamspeak3(-server_linux-(amd64|x86))?/libts3db_(.+)\.so               -- gen_context(system_u:object_r:ts3_exec_t,s0)
 /opt/teamspeak3(-server_linux-(amd64|x86))?/ts3server_linux_(amd64|x86)     -- gen_context(system_u:object_r:ts3_exec_t,s0)
+/opt/teamspeak3(-server_linux-(amd64|x86))?/ts3server                       -- gen_context(system_u:object_r:ts3_exec_t,s0)
 /opt/teamspeak3(-server_linux-(amd64|x86))?/ts3server_minimal_runscript\.sh -- gen_context(system_u:object_r:ts3_exec_t,s0)
 /opt/teamspeak3(-server_linux-(amd64|x86))?(/.*)?                              gen_context(system_u:object_r:ts3_rw_t,s0)

diff --git a/ts3/ts3.te b/ts3/ts3.te
index 00a2ef2..95dd7a3 100644 (file)
--- a/ts3/ts3.te
+++ b/ts3/ts3.te
@@ -36,3 +36,5 @@ dev_read_urand(ts3_t)
 
 fs_getattr_tmpfs(ts3_t)
 fs_manage_tmpfs_files(ts3_t)
+
+allow init_t ts3_t:process { noatsecure };