On 1/26/21 10:15 PM, Russell Coker wrote:
I think this one is ready to merge.
Signed-off-by: Russell Coker <russell@xxxxxxxxxxxx>
Merged.
I've added a new mmap_manage_files_pattern() macro and applied it to the changes.
@@ -899,6 +909,7 @@ optional_policy(`
#
read_files_pattern(httpd_helper_t, httpd_config_t, httpd_config_t)
+allow httpd_t httpd_config_t:file map;
I assumed this was a typo and the source type was httpd_helper_t instead of httpd_t.
Index: refpolicy-2.20210126/policy/modules/services/cron.te
===================================================================
--- refpolicy-2.20210126.orig/policy/modules/services/cron.te
+++ refpolicy-2.20210126/policy/modules/services/cron.te
@@ -304,6 +304,8 @@ init_start_all_units(system_cronjob_t)
init_get_generic_units_status(system_cronjob_t)
init_get_system_status(system_cronjob_t)
+backup_manage_store_files(system_cronjob_t)
I made this optional.
There were a few other lines that I moved around.
--
Chris PeBenito
