|
|
@@ -1,4 +1,4 @@
|
|
|
-policy_module(jabber_additional, 0.0.5)
|
|
|
+policy_module(jabber_additional, 0.0.6)
|
|
|
|
|
|
require {
|
|
|
type jabberd_t;
|
|
|
@@ -14,7 +14,7 @@ type jabberd_var_cache_t;
|
|
|
files_type(jabberd_var_cache_t)
|
|
|
|
|
|
allow jabberd_t self:process { getsched setsched };
|
|
|
-allow jabberd_t self:capability { dac_read_search setgid setuid };
|
|
|
+allow jabberd_t self:capability { dac_read_search setgid setuid chown fowner };
|
|
|
|
|
|
manage_dirs_pattern(jabberd_t, jabberd_var_cache_t, jabberd_var_cache_t)
|
|
|
manage_files_pattern(jabberd_t, jabberd_var_cache_t, jabberd_var_cache_t)
|
|
|
@@ -43,4 +43,5 @@ corenet_tcp_connect_all_unreserved_ports(jabberd_t)
|
|
|
files_read_generic_tmp_files(jabberd_t)
|
|
|
|
|
|
auth_rw_faillog(jabberd_t)
|
|
|
-search_dirs_pattern(jabberd_t, faillog_t, faillog_t)
|
|
|
+manage_dirs_pattern(jabberd_t, faillog_t, faillog_t)
|
|
|
+manage_files_pattern(jabberd_t, faillog_t, faillog_t)
|
