Sfoglia il codice sorgente

jabber: update pid directory and allow execution of some rabbitmq files

Helmut Pozimski 7 anni fa
parent
commit
420314efe6
2 ha cambiato i file con 16 aggiunte e 1 eliminazioni
  1. 1 0
      policy/modules/jabber.fc
  2. 15 1
      policy/modules/jabber.te

+ 1 - 0
policy/modules/jabber.fc

@@ -23,3 +23,4 @@
 
 /var/run/ejabber\.pid	--	gen_context(system_u:object_r:jabberd_var_run_t,s0)
 /var/run/jabber\.pid	--	gen_context(system_u:object_r:jabberd_var_run_t,s0)
+/var/run/ejabberd(/.*)?		gen_context(system_u:object_r:jabberd_var_run_t,s0)

+ 15 - 1
policy/modules/jabber.te

@@ -1,4 +1,4 @@
-policy_module(jabber, 1.11.1)
+policy_module(jabber, 1.11.6)
 
 ########################################
 #
@@ -153,6 +153,20 @@ optional_policy(`
 	udev_read_db(jabberd_t)
 ')
 
+optional_policy(`
+	gen_require(`
+		type rabbitmq_epmd_exec_t;
+	')
+	can_exec(jabberd_t, rabbitmq_epmd_exec_t)
+')
+
+optional_policy(`
+	gen_require(`
+		type rabbitmq_beam_exec_t;
+	')
+	can_exec(jabberd_t, rabbitmq_beam_exec_t)
+')
+
 ########################################
 #
 # Router local policy