Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 280871 Details for
Bug 376271
vixie-cron fails with SELINUX=enforcing and SELINUXTYPE=strict
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
policy SELinux cron
policy (text/plain), 2.26 KB, created by
Dave
on 2011-07-24 21:35:23 UTC
(
hide
)
Description:
policy SELinux cron
Filename:
MIME Type:
Creator:
Dave
Created:
2011-07-24 21:35:23 UTC
Size:
2.26 KB
patch
obsolete
>module cron 1.0; > >require { > type user_home_dir_t; > type user_home_t; > type system_cronjob_t; > type admin_crontab_t; > class dir search; > class file { open read execute }; > class file execute_no_trans; >} > >#============= admin_crontab_t ============== >allow admin_crontab_t user_home_dir_t:dir search; > >#============= system_cronjob_t ============== >allow system_cronjob_t user_home_t:file { open read execute }; >allow system_cronjob_t user_home_t:file execute_no_trans; > >################################################################################################ > >module cron2 1.0; > >require { > type portage_log_t; > type system_cronjob_t; > type portage_ebuild_t; > class dir setattr; > class file open; >} > >#============= system_cronjob_t ============== >allow system_cronjob_t portage_ebuild_t:dir setattr; >allow system_cronjob_t portage_log_t:file open; > >################################################################################################ > >module cron3 1.0; > >require { > type system_cronjob_t; > type portage_log_t; > type portage_db_t; > type user_home_t; > type etc_runtime_t; > type var_lib_t; > type var_log_t; > type http_port_t; > type var_t; > type portage_ebuild_t; > type git_port_t; > type portage_cache_t; > class tcp_socket name_connect; > class dir { write rmdir remove_name create add_name }; > class file { rename setattr read lock create write getattr unlink open append }; >} > >#============= system_cronjob_t ============== >allow system_cronjob_t git_port_t:tcp_socket name_connect; >allow system_cronjob_t http_port_t:tcp_socket name_connect; >allow system_cronjob_t portage_cache_t:dir { remove_name add_name }; >allow system_cronjob_t portage_cache_t:file { write rename create }; >allow system_cronjob_t portage_db_t:file { read open }; >allow system_cronjob_t portage_ebuild_t:dir { write remove_name create add_name rmdir }; >allow system_cronjob_t portage_ebuild_t:file { rename create unlink setattr }; >allow system_cronjob_t portage_log_t:file lock; >allow system_cronjob_t var_lib_t:file { unlink append }; >allow system_cronjob_t var_log_t:file write; >allow system_cronjob_t var_t:file { write setattr }; > > >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=280871">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 376271
: 280871
