f9eb198b55
- Update to version 20200717. Refreshed * fix_fwupd.patch * fix_hadoop.patch * fix_init.patch * fix_irqbalance.patch * fix_logrotate.patch * fix_nagios.patch * fix_networkmanager.patch * fix_postfix.patch * fix_sysnetwork.patch * fix_systemd.patch * fix_thunderbird.patch * fix_unconfined.patch * fix_unprivuser.patch * selinux-policy.spec - Added update.sh to make updating easier - Updated fix_unconfineduser.patch to allow unconfined_dbusd_t access to accountsd dbus - New patch: * fix_nis.patch - Updated patches: * fix_postfix.patch: Transition is done in distribution specific script OBS-URL: https://build.opensuse.org/request/show/821528 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=77
25 lines
1.3 KiB
Diff
25 lines
1.3 KiB
Diff
Index: fedora-policy/policy/modules/contrib/nagios.fc
|
|
===================================================================
|
|
--- fedora-policy.orig/policy/modules/contrib/nagios.fc
|
|
+++ fedora-policy/policy/modules/contrib/nagios.fc
|
|
@@ -24,6 +24,7 @@
|
|
/var/log/pnp4nagios(/.*)? gen_context(system_u:object_r:nagios_log_t,s0)
|
|
|
|
/var/lib/pnp4nagios(/.*)? gen_context(system_u:object_r:nagios_var_lib_t,s0)
|
|
+/var/lib/nagios(/.*)? gen_context(system_u:object_r:nagios_var_lib_t,s0)
|
|
|
|
/var/run/nagios.* gen_context(system_u:object_r:nagios_var_run_t,s0)
|
|
|
|
Index: fedora-policy/policy/modules/contrib/nagios.te
|
|
===================================================================
|
|
--- fedora-policy.orig/policy/modules/contrib/nagios.te
|
|
+++ fedora-policy/policy/modules/contrib/nagios.te
|
|
@@ -157,6 +157,7 @@ allow nagios_t nagios_spool_t:file map;
|
|
manage_files_pattern(nagios_t, nagios_var_lib_t, nagios_var_lib_t)
|
|
manage_fifo_files_pattern(nagios_t, nagios_var_lib_t, nagios_var_lib_t)
|
|
manage_dirs_pattern(nagios_t, nagios_var_lib_t, nagios_var_lib_t)
|
|
+manage_sock_files_pattern(nagios_t, nagios_var_lib_t, nagios_var_lib_t)
|
|
files_var_lib_filetrans(nagios_t, nagios_var_lib_t, { dir file fifo_file })
|
|
|
|
kernel_read_system_state(nagios_t)
|