Browse Source

jabber: update pid directory and allow execution of some rabbitmq files

Helmut Pozimski 7 năm trước cách đây
mục cha
commit
420314efe6
2 tập tin đã thay đổi với 16 bổ sung1 xóa
  1. 1 0
      policy/modules/jabber.fc
  2. 15 1
      policy/modules/jabber.te

+ 1 - 0
policy/modules/jabber.fc

@@ -23,3 +23,4 @@
 
 /var/run/ejabber\.pid	--	gen_context(system_u:object_r:jabberd_var_run_t,s0)
 /var/run/jabber\.pid	--	gen_context(system_u:object_r:jabberd_var_run_t,s0)
+/var/run/ejabberd(/.*)?		gen_context(system_u:object_r:jabberd_var_run_t,s0)

+ 15 - 1
policy/modules/jabber.te

@@ -1,4 +1,4 @@
-policy_module(jabber, 1.11.1)
+policy_module(jabber, 1.11.6)
 
 ########################################
 #
@@ -153,6 +153,20 @@ optional_policy(`
 	udev_read_db(jabberd_t)
 ')
 
+optional_policy(`
+	gen_require(`
+		type rabbitmq_epmd_exec_t;
+	')
+	can_exec(jabberd_t, rabbitmq_epmd_exec_t)
+')
+
+optional_policy(`
+	gen_require(`
+		type rabbitmq_beam_exec_t;
+	')
+	can_exec(jabberd_t, rabbitmq_beam_exec_t)
+')
+
 ########################################
 #
 # Router local policy