* [refpolicy] [PATCH 1/2] devicekit: add new wake_alarm permission (capability2)
@ 2016-12-30 18:59 Guido Trentalancia
2016-12-30 18:59 ` [refpolicy] [PATCH 2/2] networkmanager: " Guido Trentalancia
2016-12-30 19:38 ` [refpolicy] [PATCH 1/2] devicekit: " Chris PeBenito
0 siblings, 2 replies; 4+ messages in thread
From: Guido Trentalancia @ 2016-12-30 18:59 UTC (permalink / raw)
To: refpolicy
Add the new wake_alarm permission from the capability2 class
to the devicekit module (devicekit_power_t domain).
Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
---
policy/modules/contrib/devicekit.te | 1 +
1 file changed, 1 insertion(+)
diff -pru a/policy/modules/contrib/devicekit.te b/policy/modules/contrib/devicekit.te
--- a/policy/modules/contrib/devicekit.te 2016-12-22 23:12:59.378081690 +0100
+++ b/policy/modules/contrib/devicekit.te 2016-12-30 19:50:23.947674620 +0100
@@ -198,6 +198,7 @@ optional_policy(`
#
allow devicekit_power_t self:capability { dac_override net_admin sys_admin sys_tty_config sys_nice sys_ptrace };
+allow devicekit_power_t self:capability2 wake_alarm;
allow devicekit_power_t self:process { getsched signal_perms };
allow devicekit_power_t self:fifo_file rw_fifo_file_perms;
allow devicekit_power_t self:unix_dgram_socket create_socket_perms;
^ permalink raw reply [flat|nested] 4+ messages in thread
* [refpolicy] [PATCH 2/2] networkmanager: add new wake_alarm permission (capability2)
2016-12-30 18:59 [refpolicy] [PATCH 1/2] devicekit: add new wake_alarm permission (capability2) Guido Trentalancia
@ 2016-12-30 18:59 ` Guido Trentalancia
2016-12-30 19:38 ` Chris PeBenito
2016-12-30 19:38 ` [refpolicy] [PATCH 1/2] devicekit: " Chris PeBenito
1 sibling, 1 reply; 4+ messages in thread
From: Guido Trentalancia @ 2016-12-30 18:59 UTC (permalink / raw)
To: refpolicy
Add the new wake_alarm permission from the capability2 class
to the NetworkManager module.
Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
---
policy/modules/contrib/networkmanager.te | 1 +
1 file changed, 1 insertion(+)
diff -pru a/policy/modules/contrib/networkmanager.te b/policy/modules/contrib/networkmanager.te
--- a/policy/modules/contrib/networkmanager.te 2016-12-22 23:12:59.388081821 +0100
+++ b/policy/modules/contrib/networkmanager.te 2016-12-30 19:51:25.794977833 +0100
@@ -44,6 +44,7 @@ init_system_domain(wpa_cli_t, wpa_cli_ex
allow NetworkManager_t self:capability { fowner chown fsetid kill setgid setuid sys_nice dac_override net_admin net_raw ipc_lock };
dontaudit NetworkManager_t self:capability { sys_tty_config sys_module sys_ptrace };
+allow NetworkManager_t self:capability2 wake_alarm;
allow NetworkManager_t self:process { ptrace getcap setcap setpgid getsched setsched signal_perms };
allow NetworkManager_t self:fifo_file rw_fifo_file_perms;
allow NetworkManager_t self:unix_dgram_socket sendto;
^ permalink raw reply [flat|nested] 4+ messages in thread
* [refpolicy] [PATCH 1/2] devicekit: add new wake_alarm permission (capability2)
2016-12-30 18:59 [refpolicy] [PATCH 1/2] devicekit: add new wake_alarm permission (capability2) Guido Trentalancia
2016-12-30 18:59 ` [refpolicy] [PATCH 2/2] networkmanager: " Guido Trentalancia
@ 2016-12-30 19:38 ` Chris PeBenito
1 sibling, 0 replies; 4+ messages in thread
From: Chris PeBenito @ 2016-12-30 19:38 UTC (permalink / raw)
To: refpolicy
On 12/30/16 13:59, Guido Trentalancia via refpolicy wrote:
> Add the new wake_alarm permission from the capability2 class
> to the devicekit module (devicekit_power_t domain).
>
> Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
> ---
> policy/modules/contrib/devicekit.te | 1 +
> 1 file changed, 1 insertion(+)
>
> diff -pru a/policy/modules/contrib/devicekit.te b/policy/modules/contrib/devicekit.te
> --- a/policy/modules/contrib/devicekit.te 2016-12-22 23:12:59.378081690 +0100
> +++ b/policy/modules/contrib/devicekit.te 2016-12-30 19:50:23.947674620 +0100
> @@ -198,6 +198,7 @@ optional_policy(`
> #
>
> allow devicekit_power_t self:capability { dac_override net_admin sys_admin sys_tty_config sys_nice sys_ptrace };
> +allow devicekit_power_t self:capability2 wake_alarm;
> allow devicekit_power_t self:process { getsched signal_perms };
> allow devicekit_power_t self:fifo_file rw_fifo_file_perms;
> allow devicekit_power_t self:unix_dgram_socket create_socket_perms;
Merged.
--
Chris PeBenito
^ permalink raw reply [flat|nested] 4+ messages in thread
* [refpolicy] [PATCH 2/2] networkmanager: add new wake_alarm permission (capability2)
2016-12-30 18:59 ` [refpolicy] [PATCH 2/2] networkmanager: " Guido Trentalancia
@ 2016-12-30 19:38 ` Chris PeBenito
0 siblings, 0 replies; 4+ messages in thread
From: Chris PeBenito @ 2016-12-30 19:38 UTC (permalink / raw)
To: refpolicy
On 12/30/16 13:59, Guido Trentalancia via refpolicy wrote:
> Add the new wake_alarm permission from the capability2 class
> to the NetworkManager module.
>
> Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
> ---
> policy/modules/contrib/networkmanager.te | 1 +
> 1 file changed, 1 insertion(+)
>
> diff -pru a/policy/modules/contrib/networkmanager.te b/policy/modules/contrib/networkmanager.te
> --- a/policy/modules/contrib/networkmanager.te 2016-12-22 23:12:59.388081821 +0100
> +++ b/policy/modules/contrib/networkmanager.te 2016-12-30 19:51:25.794977833 +0100
> @@ -44,6 +44,7 @@ init_system_domain(wpa_cli_t, wpa_cli_ex
>
> allow NetworkManager_t self:capability { fowner chown fsetid kill setgid setuid sys_nice dac_override net_admin net_raw ipc_lock };
> dontaudit NetworkManager_t self:capability { sys_tty_config sys_module sys_ptrace };
> +allow NetworkManager_t self:capability2 wake_alarm;
> allow NetworkManager_t self:process { ptrace getcap setcap setpgid getsched setsched signal_perms };
> allow NetworkManager_t self:fifo_file rw_fifo_file_perms;
> allow NetworkManager_t self:unix_dgram_socket sendto;
Merged.
--
Chris PeBenito
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2016-12-30 19:38 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-12-30 18:59 [refpolicy] [PATCH 1/2] devicekit: add new wake_alarm permission (capability2) Guido Trentalancia
2016-12-30 18:59 ` [refpolicy] [PATCH 2/2] networkmanager: " Guido Trentalancia
2016-12-30 19:38 ` Chris PeBenito
2016-12-30 19:38 ` [refpolicy] [PATCH 1/2] devicekit: " Chris PeBenito
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.