1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
From a1c0776ac6405d1b6aeadf07cc222f5cc9daa424 Mon Sep 17 00:00:00 2001
From: Yi Zhao <yi.zhao@windriver.com>
Date: Fri, 15 Nov 2019 11:06:13 +0800
Subject: [PATCH] fc/ldap: apply policy to ldap alternatives
Upstream-Status: Inappropriate [embedded specific]
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
policy/modules/services/ldap.fc | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/policy/modules/services/ldap.fc b/policy/modules/services/ldap.fc
index 0a1d08d0f..65b202962 100644
--- a/policy/modules/services/ldap.fc
+++ b/policy/modules/services/ldap.fc
@@ -1,8 +1,10 @@
/etc/ldap/slapd\.conf -- gen_context(system_u:object_r:slapd_etc_t,s0)
/etc/openldap/certs(/.*)? gen_context(system_u:object_r:slapd_cert_t,s0)
/etc/openldap/slapd\.d(/.*)? gen_context(system_u:object_r:slapd_db_t,s0)
+/etc/openldap/slapd\.conf -- gen_context(system_u:object_r:slapd_etc_t,s0)
/etc/rc\.d/init\.d/ldap -- gen_context(system_u:object_r:slapd_initrc_exec_t,s0)
+/etc/rc\.d/init\.d/openldap -- gen_context(system_u:object_r:slapd_initrc_exec_t,s0)
/usr/bin/slapd -- gen_context(system_u:object_r:slapd_exec_t,s0)
@@ -25,6 +27,9 @@
/var/log/ldap.* gen_context(system_u:object_r:slapd_log_t,s0)
/var/log/slapd.* gen_context(system_u:object_r:slapd_log_t,s0)
+/var/openldap(/.*)? gen_context(system_u:object_r:slapd_db_t,s0)
+/var/openldap/replog(/.*)? gen_context(system_u:object_r:slapd_replog_t,s0)
+
/run/ldapi -s gen_context(system_u:object_r:slapd_runtime_t,s0)
/run/openldap(/.*)? gen_context(system_u:object_r:slapd_runtime_t,s0)
/run/slapd.* -s gen_context(system_u:object_r:slapd_runtime_t,s0)
--
2.25.1
|
