Added urandom access.

author Scott Cantor <cantor.2@osu.edu>

Tue, 21 Jun 2005 01:43:36 +0000 (01:43 +0000)

committer Scott Cantor <cantor.2@osu.edu>

Tue, 21 Jun 2005 01:43:36 +0000 (01:43 +0000)
author Scott Cantor <cantor.2@osu.edu>
Tue, 21 Jun 2005 01:43:36 +0000 (01:43 +0000)
committer Scott Cantor <cantor.2@osu.edu>
Tue, 21 Jun 2005 01:43:36 +0000 (01:43 +0000)
diff --git a/selinux/shibshar.te b/selinux/shibshar.te

index d6d462f..9227f30 100644 (file)
--- a/selinux/shibshar.te
+++ b/selinux/shibshar.te
@@ -23,6 +23,8 @@ allow shibshar_t shibshar_t:unix_stream_socket create_stream_socket_perms;
  allow shibshar_t shibshar_t:netlink_route_socket { create bind getattr};
  allow shibshar_t usr_t:dir r_dir_perms;
  allow shibshar_t usr_t:file rx_file_perms;
+
+allow shibshar_t urandom_device_t:chr_file { getattr read };
   
  # Enable HTTPD to connect to the shib-shar socket and read/write to it
  can_unix_connect(httpd_t, shibshar_var_run_t)
author	Scott Cantor <cantor.2@osu.edu>
	Tue, 21 Jun 2005 01:43:36 +0000 (01:43 +0000)
committer	Scott Cantor <cantor.2@osu.edu>
	Tue, 21 Jun 2005 01:43:36 +0000 (01:43 +0000)