From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-685188-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 5E2E5138A1F
	for <garchives@archives.gentoo.org>; Fri, 11 Apr 2014 17:48:57 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 87DB5E0A8C;
	Fri, 11 Apr 2014 17:48:56 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id F09EFE0A7F
	for <gentoo-commits@lists.gentoo.org>; Fri, 11 Apr 2014 17:48:55 +0000 (UTC)
Received: from spoonbill.gentoo.org (spoonbill.gentoo.org [81.93.255.5])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 239A73401A8
	for <gentoo-commits@lists.gentoo.org>; Fri, 11 Apr 2014 17:48:55 +0000 (UTC)
Received: from localhost.localdomain (localhost [127.0.0.1])
	by spoonbill.gentoo.org (Postfix) with ESMTP id 423F6188C9
	for <gentoo-commits@lists.gentoo.org>; Fri, 11 Apr 2014 17:48:53 +0000 (UTC)
From: "Sven Vermeulen" <swift@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Sven Vermeulen" <swift@gentoo.org>
Message-ID: <1397238406.f04beadc745baa12d14310a2e12757d945d67101.swift@gentoo>
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/
X-VCS-Repository: proj/hardened-refpolicy
X-VCS-Files: policy/modules/contrib/finger.fc policy/modules/contrib/rhcs.fc policy/modules/contrib/setroubleshoot.fc
X-VCS-Directories: policy/modules/contrib/
X-VCS-Committer: swift
X-VCS-Committer-Name: Sven Vermeulen
X-VCS-Revision: f04beadc745baa12d14310a2e12757d945d67101
X-VCS-Branch: master
Date: Fri, 11 Apr 2014 17:48:53 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Archives-Salt: 9c23021e-3ae5-4fd8-add5-e3284b716b78
X-Archives-Hash: a4568a56722c29ef024224baf66954e6

commit:     f04beadc745baa12d14310a2e12757d945d67101
Author:     Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Sat Apr  5 20:37:45 2014 +0000
Commit:     Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Apr 11 17:46:46 2014 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=f04beadc

Fix strange file patterns

Some file patterns look very strange, like:

    /var/log/cluster/.*\.*log

I've found such patterns while writing a script that parses the file patterns.
Hence I haven't tested if the new file contexts apply to the existing files.
For example, this patch changes

    /var/run/*.fingerd\.pid

to

    /var/run/fingerd\.pid

because "/*" seems weird to me, but this also changes the semantic of the
pattern.  Another possibility which doesn't change the meaning is:

    /var/run/?.fingerd\.pid

I send this patch as an RFC because what I consider abnormal may in fact be
something expected or a workaround to fix some bugs I'm not aware of.

---
 policy/modules/contrib/finger.fc         | 2 +-
 policy/modules/contrib/rhcs.fc           | 2 +-
 policy/modules/contrib/setroubleshoot.fc | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/policy/modules/contrib/finger.fc b/policy/modules/contrib/finger.fc
index 843940b..623421d 100644
--- a/policy/modules/contrib/finger.fc
+++ b/policy/modules/contrib/finger.fc
@@ -7,4 +7,4 @@
 
 /var/log/cfingerd\.log.*	--	gen_context(system_u:object_r:fingerd_log_t,s0)
 
-/var/run/*.fingerd\.pid	--	gen_context(system_u:object_r:fingerd_var_run_t,s0)
+/var/run/fingerd\.pid	--	gen_context(system_u:object_r:fingerd_var_run_t,s0)

diff --git a/policy/modules/contrib/rhcs.fc b/policy/modules/contrib/rhcs.fc
index 47de2d6..c619502 100644
--- a/policy/modules/contrib/rhcs.fc
+++ b/policy/modules/contrib/rhcs.fc
@@ -14,7 +14,7 @@
 
 /var/lib/qdiskd(/.*)?	gen_context(system_u:object_r:qdiskd_var_lib_t,s0)
 
-/var/log/cluster/.*\.*log	<<none>>
+/var/log/cluster/.*\.log	<<none>>
 /var/log/cluster/dlm_controld\.log.*	--	gen_context(system_u:object_r:dlm_controld_var_log_t,s0)
 /var/log/cluster/fenced\.log.*	--	gen_context(system_u:object_r:fenced_var_log_t,s0)
 /var/log/cluster/gfs_controld\.log.*	--	gen_context(system_u:object_r:gfs_controld_var_log_t,s0)

diff --git a/policy/modules/contrib/setroubleshoot.fc b/policy/modules/contrib/setroubleshoot.fc
index 0b3a971..e89c06f 100644
--- a/policy/modules/contrib/setroubleshoot.fc
+++ b/policy/modules/contrib/setroubleshoot.fc
@@ -1,6 +1,6 @@
 /usr/sbin/setroubleshootd	--	gen_context(system_u:object_r:setroubleshootd_exec_t,s0)
 
-/usr/share/setroubleshoot/SetroubleshootFixit\.py*	--	gen_context(system_u:object_r:setroubleshoot_fixit_exec_t,s0)
+/usr/share/setroubleshoot/SetroubleshootFixit\.py	--	gen_context(system_u:object_r:setroubleshoot_fixit_exec_t,s0)
 
 /var/run/setroubleshoot(/.*)?	gen_context(system_u:object_r:setroubleshoot_var_run_t,s0)