In vixie-cron-4.1-36.FC4 crond wants capability audit_control, is this
desired? It seems that the rawhide version vixie-cron-4.1-36.FC5 isn't doing
this, is rawhide lagging behind FC4 updates?
I've attached a patch against the FC4 policy for this...
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
--- domains/program/crond.te.orig 2005-07-29 21:55:27.000000000 +1000
+++ domains/program/crond.te 2005-07-29 21:56:00.000000000 +1000
@@ -46,7 +46,7 @@
log_domain(crond)
# Use capabilities.
-allow crond_t self:capability { dac_override setgid setuid net_bind_service sys_nice };
+allow crond_t self:capability { dac_override setgid setuid net_bind_service sys_nice audit_control };
dontaudit crond_t self:capability sys_resource;
# Get security policy decisions.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
