commit: 9dafa9a3a637709131e17d7cab38d29afd45a796
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Wed Jun 25 19:58:15 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Wed Jun 25 19:58:15 2014 +0000
URL:
http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=9dafa9a3
Add NetworkManager_t and dhcpc_t as resolvconf clients
---
policy/modules/contrib/networkmanager.te | 11 +++++++++++
policy/modules/system/sysnetwork.te | 4 ++++
2 files changed, 15 insertions(+)
diff --git a/policy/modules/contrib/networkmanager.te
b/policy/modules/contrib/networkmanager.te
index a4a45c0..f70479a 100644
--- a/policy/modules/contrib/networkmanager.te
+++ b/policy/modules/contrib/networkmanager.te
@@ -367,6 +367,17 @@ miscfiles_read_localization(wpa_cli_t)
term_dontaudit_use_console(wpa_cli_t)
ifdef(`distro_gentoo',`
+ #
+ # NetworkManager_t policy
+ #
+
+ optional_policy(`
+ resolvconf_client_domain(NetworkManager_t)
+ ')
+
+ #
+ # wpa_cli_t policy
+ #
manage_files_pattern(wpa_cli_t, wpa_cli_var_run_t, wpa_cli_var_run_t)
files_pid_filetrans(wpa_cli_t, wpa_cli_var_run_t, file)
diff --git a/policy/modules/system/sysnetwork.te
b/policy/modules/system/sysnetwork.te
index 3f79de9..945ffb5 100644
--- a/policy/modules/system/sysnetwork.te
+++ b/policy/modules/system/sysnetwork.te
@@ -406,4 +406,8 @@ ifdef(`distro_gentoo',`
# Fixes bug 468878
files_pid_filetrans(dhcpc_t, dhcpc_var_run_t, sock_file)
allow dhcpc_t self:unix_stream_socket { create_stream_socket_perms
connectto };
+
+ optional_policy(`
+ resolvconf_client_domain(dhcpc_t)
+ ')
')