From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 4F7151381FA for ; Wed, 30 Apr 2014 17:14:27 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 01AF5E0839; Wed, 30 Apr 2014 17:14:25 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 69E42E0839 for ; Wed, 30 Apr 2014 17:14:24 +0000 (UTC) Received: from spoonbill.gentoo.org (spoonbill.gentoo.org [81.93.255.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 936D8340181 for ; Wed, 30 Apr 2014 17:14:23 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by spoonbill.gentoo.org (Postfix) with ESMTP id A8B491818D for ; Wed, 30 Apr 2014 17:14:21 +0000 (UTC) From: "Sven Vermeulen" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sven Vermeulen" Message-ID: <1398877978.6b6e5683fbbb08f25a5321e3f247ee50dcd9f349.swift@gentoo> Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: /, policy/ X-VCS-Repository: proj/hardened-refpolicy X-VCS-Files: Makefile Rules.modular Rules.monolithic policy/context_defaults X-VCS-Directories: / policy/ X-VCS-Committer: swift X-VCS-Committer-Name: Sven Vermeulen X-VCS-Revision: 6b6e5683fbbb08f25a5321e3f247ee50dcd9f349 X-VCS-Branch: master Date: Wed, 30 Apr 2014 17:14:21 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 0bbe2168-fcdd-4289-ac72-65219614a4cf X-Archives-Hash: 07fa86548180e368c1acc46282f4f7b1 commit: 6b6e5683fbbb08f25a5321e3f247ee50dcd9f349 Author: Chris PeBenito tresys com> AuthorDate: Mon Apr 28 14:00:36 2014 +0000 Commit: Sven Vermeulen gentoo org> CommitDate: Wed Apr 30 17:12:58 2014 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=6b6e5683 Add file for placing default_* statements. --- Makefile | 1 + Rules.modular | 2 +- Rules.monolithic | 2 +- policy/context_defaults | 11 +++++++++++ 4 files changed, 14 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index c1c6b2e..7e5bf4b 100644 --- a/Makefile +++ b/Makefile @@ -136,6 +136,7 @@ globaltun = $(poldir)/global_tunables globalbool = $(poldir)/global_booleans user_files := $(poldir)/users policycaps := $(poldir)/policy_capabilities +ctx_defaults := $(poldir)/context_defaults # local config file paths ifndef LOCAL_ROOT diff --git a/Rules.modular b/Rules.modular index 2c5f5ff..b2d2ac4 100644 --- a/Rules.modular +++ b/Rules.modular @@ -15,7 +15,7 @@ users_extra := $(tmpdir)/users_extra base_sections := $(tmpdir)/pre_te_files.conf $(tmpdir)/all_attrs_types.conf $(tmpdir)/global_bools.conf $(tmpdir)/only_te_rules.conf $(tmpdir)/all_post.conf -base_pre_te_files := $(secclass) $(isids) $(avs) $(m4support) $(poldir)/mls $(poldir)/mcs $(policycaps) +base_pre_te_files := $(secclass) $(isids) $(avs) $(ctx_defaults) $(m4support) $(poldir)/mls $(poldir)/mcs $(policycaps) base_te_files := $(base_mods) base_post_te_files := $(user_files) $(poldir)/constraints base_fc_files := $(base_mods:.te=.fc) diff --git a/Rules.monolithic b/Rules.monolithic index b635952..b8d180e 100644 --- a/Rules.monolithic +++ b/Rules.monolithic @@ -32,7 +32,7 @@ all_interfaces := $(all_modules:.te=.if) $(off_mods:.te=.if) all_te_files := $(all_modules) all_fc_files := $(all_modules:.te=.fc) -pre_te_files := $(secclass) $(isids) $(avs) $(m4support) $(poldir)/mls $(poldir)/mcs $(policycaps) +pre_te_files := $(secclass) $(isids) $(avs) $(ctx_defaults) $(m4support) $(poldir)/mls $(poldir)/mcs $(policycaps) post_te_files := $(user_files) $(poldir)/constraints policy_sections := $(tmpdir)/pre_te_files.conf $(tmpdir)/all_attrs_types.conf $(tmpdir)/global_bools.conf $(tmpdir)/only_te_rules.conf $(tmpdir)/all_post.conf diff --git a/policy/context_defaults b/policy/context_defaults new file mode 100644 index 0000000..aee96cd --- /dev/null +++ b/policy/context_defaults @@ -0,0 +1,11 @@ +# Override default policy behaviors when creating new contexts. +# +# Behavior for each of the four components of the context can +# be specified, for each object class. +# +# Examples: +# +#default_role process user; +#default_role process source; +#default_type process source; +#default_range process source low;