Re: another SE Linux policy
Sorry, I forgot to ask, please allow this version in Lenny. Without it
sometimes some machines won't boot...
On Tuesday 21 October 2008 00:50, Russell Coker <russell@coker.com.au> wrote:
> The spamassassin and Clamav changes are needed for some people who use
> those programs.
>
> But the real requirement here is to have the correct labels for device
> nodes created by initrc_t. It is needed to allow booting in enforcing mode
> when you have a corrupt /etc/fstab file.
>
> refpolicy (2:0.0.20080702-13) unstable; urgency=high
> .
> * Allow spamd_t to create a Unix domain socket.
> * Allow clamd_t to read files under /usr (for Perl).
> Allow it to connect to amavisd_send_port_t.
> Allow it to talk to itself by unix stream sockets and bind to UDP
> nodes. Closes: #502274
> * Allow logrotate_t to transition to webalizer_t for web log processing.
> * Allow initrc_t to create fixed_disk_device_t nodes under var_run_t,
> for the case where /etc/fstab has an error regarding the root fs.
> * Use the Lenny paths for xm, xend, xenstored, and xenconsoled.
> Add some extra permissions that Xen needs.
--
russell@coker.com.au
http://etbe.coker.com.au/ My Blog
http://www.coker.com.au/sponsorship.html Sponsoring Free Software development
Reply to: