commit:     9dafa9a3a637709131e17d7cab38d29afd45a796
Author:     Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Wed Jun 25 19:58:15 2014 +0000
Commit:     Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Wed Jun 25 19:58:15 2014 +0000
URL:        
http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=9dafa9a3

Add NetworkManager_t and dhcpc_t as resolvconf clients

---
 policy/modules/contrib/networkmanager.te | 11 +++++++++++
 policy/modules/system/sysnetwork.te      |  4 ++++
 2 files changed, 15 insertions(+)

diff --git a/policy/modules/contrib/networkmanager.te 
b/policy/modules/contrib/networkmanager.te
index a4a45c0..f70479a 100644
--- a/policy/modules/contrib/networkmanager.te
+++ b/policy/modules/contrib/networkmanager.te
@@ -367,6 +367,17 @@ miscfiles_read_localization(wpa_cli_t)
 term_dontaudit_use_console(wpa_cli_t)
 
 ifdef(`distro_gentoo',`
+       #
+       # NetworkManager_t policy
+       #
+
+       optional_policy(`
+               resolvconf_client_domain(NetworkManager_t)
+       ')
+
+       #
+       # wpa_cli_t policy
+       #
        manage_files_pattern(wpa_cli_t, wpa_cli_var_run_t, wpa_cli_var_run_t)
        files_pid_filetrans(wpa_cli_t, wpa_cli_var_run_t, file)
 

diff --git a/policy/modules/system/sysnetwork.te 
b/policy/modules/system/sysnetwork.te
index 3f79de9..945ffb5 100644
--- a/policy/modules/system/sysnetwork.te
+++ b/policy/modules/system/sysnetwork.te
@@ -406,4 +406,8 @@ ifdef(`distro_gentoo',`
        # Fixes bug 468878
        files_pid_filetrans(dhcpc_t, dhcpc_var_run_t, sock_file)
        allow dhcpc_t self:unix_stream_socket { create_stream_socket_perms 
connectto };
+
+       optional_policy(`
+               resolvconf_client_domain(dhcpc_t)
+       ')
 ')

Reply via email to