]> err.no Git - systemd/commit
projects / systemd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 28322e1) | patch
socket: SELinux support for socket creation.
authorDaniel J Walsh <dwalsh@redhat.com>
Thu, 22 Jul 2010 21:01:25 +0000 (17:01 -0400)
committerLennart Poettering <lennart@poettering.net>
Fri, 23 Jul 2010 03:12:13 +0000 (05:12 +0200)
commit7a58bfa4aef88c9ddead6668d83640f762938e72
tree695ac07fc012006d000393fa3e43e71db46de9e2tree | snapshot
parent28322e1eb6507f2f40418e2dcdc6ee33e38ecee6commit | diff
socket: SELinux support for socket creation.

It seems to work on my machine.

/proc/1/fd/20 system_u:system_r:system_dbusd_t:s0

/proc/1/fd/21 system_u:system_r:avahi_t:s0

And the AVC's seem to have dissapeared when a confined app trys to
connect to dbus or avahi.

If you run with this patch and selinux-policy-3.8.8-3.fc14.noarch
You should be able to boot in enforcing mode.
Makefile.am diff | blob | history
configure.ac diff | blob | history
src/socket-util.c diff | blob | history
src/socket-util.h diff | blob | history
src/socket.c diff | blob | history
systemd, git://git.err.no/systemd