From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-601689-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id A8C361381F3
	for <garchives@archives.gentoo.org>; Sun, 23 Jun 2013 10:11:09 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 4BE30E0888;
	Sun, 23 Jun 2013 10:11:07 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id DA017E0888
	for <gentoo-commits@lists.gentoo.org>; Sun, 23 Jun 2013 10:11:06 +0000 (UTC)
Received: from hornbill.gentoo.org (hornbill.gentoo.org [94.100.119.163])
	(using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id BD6D933E014
	for <gentoo-commits@lists.gentoo.org>; Sun, 23 Jun 2013 10:11:05 +0000 (UTC)
Received: from localhost.localdomain (localhost [127.0.0.1])
	by hornbill.gentoo.org (Postfix) with ESMTP id 5789FE468F
	for <gentoo-commits@lists.gentoo.org>; Sun, 23 Jun 2013 10:11:04 +0000 (UTC)
From: "Sven Vermeulen" <sven.vermeulen@siphos.be>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Sven Vermeulen" <sven.vermeulen@siphos.be>
Message-ID: <1371982092.9007d9da3b3e1d88d1e217ab886b41c4e3f588b6.SwifT@gentoo>
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/
X-VCS-Repository: proj/hardened-refpolicy
X-VCS-Files: policy/modules/system/sysnetwork.te
X-VCS-Directories: policy/modules/system/
X-VCS-Committer: SwifT
X-VCS-Committer-Name: Sven Vermeulen
X-VCS-Revision: 9007d9da3b3e1d88d1e217ab886b41c4e3f588b6
X-VCS-Branch: master
Date: Sun, 23 Jun 2013 10:11:04 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Archives-Salt: 52a2ad65-ca80-4792-89dc-8bb9ac986dd2
X-Archives-Hash: 3ae2593570e180859a46d0d9f3ff8e8e

commit:     9007d9da3b3e1d88d1e217ab886b41c4e3f588b6
Author:     Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Jun 23 10:08:12 2013 +0000
Commit:     Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Sun Jun 23 10:08:12 2013 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=9007d9da

Fix bug 468874 - Add rawip_socket perms for ipv6 support

Is sent to upstream but doesn't seem to be added (soon).

---
 policy/modules/system/sysnetwork.te | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te
index 327beca..18b6986 100644
--- a/policy/modules/system/sysnetwork.te
+++ b/policy/modules/system/sysnetwork.te
@@ -366,3 +366,13 @@ optional_policy(`
 	xen_append_log(ifconfig_t)
 	xen_dontaudit_rw_unix_stream_sockets(ifconfig_t)
 ')
+
+ifdef(`distro_gentoo',`
+	###########################################
+	# 
+	# dhcp client policy
+	#
+
+	# Fixes bug 468874
+	allow dhcpc_t self:rawip_socket create_socket_perms;
+')