[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/

Jason Zaman Sun, 02 Aug 2015 12:06:12 -0700

commit:     017cc90bb5f7acd0d5497b17b24c537d96b5400b
Author:     Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sun Aug  2 18:21:15 2015 +0000
Commit:     Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Aug  2 19:04:45 2015 +0000
URL:        
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=017cc90b


subsonic: also needs accept perms on the tcp_socket

otherwise it can bind and listen but not accept

 policy/modules/contrib/subsonic.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/policy/modules/contrib/subsonic.te 
b/policy/modules/contrib/subsonic.te
index cb0c5ac..a64a814 100644
--- a/policy/modules/contrib/subsonic.te
+++ b/policy/modules/contrib/subsonic.te
@@ -20,7 +20,7 @@ files_pid_file(subsonic_run_t)
 # Subsonic local policy
 #
 
-allow subsonic_t self:tcp_socket listen;
+allow subsonic_t self:tcp_socket { listen accept };
 
 java_domain_type(subsonic_t)

[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/

Reply via email to