From: "Sven Vermeulen"
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Sven Vermeulen"
Message-ID: <1391943071.073a0b3330c5f31fbe0a31f6c0948fc23763e8c1.swift@gentoo>
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
X-VCS-Repository: proj/hardened-refpolicy
X-VCS-Files: policy/modules/kernel/files.if
X-VCS-Directories: policy/modules/kernel/
X-VCS-Committer: swift
X-VCS-Committer-Name: Sven Vermeulen
X-VCS-Revision: 073a0b3330c5f31fbe0a31f6c0948fc23763e8c1
X-VCS-Branch: master
Date: Sun, 9 Feb 2014 10:54:35 +0000 (UTC)
Precedence: bulk
List-Id: Gentoo Linux mail
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Archives-Salt: a72e97a7-cd01-438a-afdd-be7460835e4b
X-Archives-Hash: 0cfac3e357138f5bf0b2d81a56d64d12

commit: 073a0b3330c5f31fbe0a31f6c0948fc23763e8c1
Author: Luis Ressel aixah de>
AuthorDate: Sat Feb 1 11:36:49 2014 +0000
Commit: Sven Vermeulen gentoo org>
CommitDate: Sun Feb 9 10:51:11 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=073a0b33

kernel/files.if: Add files_dontaudit_list_var interface

This is required for an update of the couchdb policy.

--- policy/modules/kernel/files.if | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if index 74959e8..5cff62e 100644 --- a/policy/modules/kernel/files.if +++ b/policy/modules/kernel/files.if 
@@ -5239,6 +5239,25 @@ interface(`files_list_var',` ######################################## ## +## Do not audit attempts to list +## the contents of /var. +## +## +## +## Domain to not audit. +## +## +# +interface(`files_dontaudit_list_var',` + gen_require(` + type var_t; + ') + + dontaudit $1 var_t:dir list_dir_perms; +') + +######################################## +## ## Create, read, write, and delete directories ## in the /var directory. ##
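Review bot: The rule `dontaudit $1 var_t:dir list_dir_perms;` in the new files_dontaudit_list_var interface silences a whole permission set on var_t directories for the calling domain, and neither the interface comment nor the commit message records why the denied listing is harmless. The message only says the interface is "required for an update of the couchdb policy", so please state at the call site in that policy (or in this commit message) which access is being hidden and that the domain works without it. A suppressed denial leaves no audit record, which makes a later functional failure or an unexpected probe of /var by that domain hard to spot. The placement directly after files_list_var and the use of gen_require for var_t match the surrounding interfaces and look fine.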