diff options
| author |   Chris PeBenito <pebenito@ieee.org> | 2017-02-23 20:03:08 -0500 |
|---|---|---|
| committer |   Jason Zaman <jason@perfinion.com> | 2017-02-25 22:50:53 +0800 |
| commit | bdd606c36e4b163f5dee262d0c450a74efcd208c (patch) | |
| tree | 98b46ceaa8a100d1d55dd54b77f5acf65a3ef928 | |
| parent | Module version bump for samba patch from Russell Coker. (diff) | |
| download | hardened-refpolicy-bdd606c36e4b163f5dee262d0c450a74efcd208c.tar.gz hardened-refpolicy-bdd606c36e4b163f5dee262d0c450a74efcd208c.tar.bz2 hardened-refpolicy-bdd606c36e4b163f5dee262d0c450a74efcd208c.zip | |
Systemd fixes from Russell Coker.
| -rw-r--r-- | policy/modules/contrib/cron.if | 19 | ||||
| -rw-r--r-- | policy/modules/contrib/cron.te | 2 |
2 files changed, 20 insertions, 1 deletions
diff --git a/policy/modules/contrib/cron.if b/policy/modules/contrib/cron.if index c6dec2c30..6737f53c0 100644 --- a/policy/modules/contrib/cron.if +++ b/policy/modules/contrib/cron.if @@ -686,6 +686,25 @@ interface(`cron_use_system_job_fds',` ######################################## ## <summary> +## Create, read, write, and delete the system spool. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`cron_manage_system_spool',` + gen_require(` + type cron_system_spool_t; + ') + + files_search_spool($1) + manage_files_pattern($1, cron_system_spool_t, cron_system_spool_t) +') + +######################################## +## <summary> ## Read system cron job lib files. ## </summary> ## <param name="domain"> diff --git a/policy/modules/contrib/cron.te b/policy/modules/contrib/cron.te index 905deb165..3513e1f27 100644 --- a/policy/modules/contrib/cron.te +++ b/policy/modules/contrib/cron.te @@ -1,4 +1,4 @@ -policy_module(cron, 2.11.0) +policy_module(cron, 2.11.1) gen_require(` class passwd rootok; |