From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (unknown [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id AC45B1381FA for ; Thu, 22 May 2014 16:33:15 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 17D39E09C3; Thu, 22 May 2014 16:33:15 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 865BDE09C3 for ; Thu, 22 May 2014 16:33:14 +0000 (UTC) Received: from spoonbill.gentoo.org (unknown [81.93.255.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 8E85E33FDE1 for ; Thu, 22 May 2014 16:33:13 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by spoonbill.gentoo.org (Postfix) with ESMTP id 3BC51182D3 for ; Thu, 22 May 2014 16:33:12 +0000 (UTC) From: "Sven Vermeulen" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sven Vermeulen" Message-ID: <1400776327.48be2f701bc828ed49544836c4963b9d9eab0489.swift@gentoo> Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/ X-VCS-Repository: proj/hardened-refpolicy X-VCS-Files: policy/modules/contrib/java.fc X-VCS-Directories: policy/modules/contrib/ X-VCS-Committer: swift X-VCS-Committer-Name: Sven Vermeulen X-VCS-Revision: 48be2f701bc828ed49544836c4963b9d9eab0489 X-VCS-Branch: master Date: Thu, 22 May 2014 16:33:12 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: e1b1ed01-e90e-4704-bc74-254a7e4cb06b X-Archives-Hash: e34c9942c07571c2f7aa63c2c06a8f76 commit: 48be2f701bc828ed49544836c4963b9d9eab0489 Author: Sven Vermeulen siphos be> AuthorDate: Sat May 17 15:26:50 2014 +0000 Commit: Sven Vermeulen gentoo org> CommitDate: Thu May 22 16:32:07 2014 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=48be2f70 Mark icedtea binaries as java_exec_t Add the icedtea location to the java file contexts so that the icedtea java binaries are marked as java_exec_t. See also https://bugs.gentoo.org/show_bug.cgi?id=510364 Signed-off-by: Sven Vermeulen siphos.be> --- policy/modules/contrib/java.fc | 1 + 1 file changed, 1 insertion(+) diff --git a/policy/modules/contrib/java.fc b/policy/modules/contrib/java.fc index e3be797..cc4f515 100644 --- a/policy/modules/contrib/java.fc +++ b/policy/modules/contrib/java.fc @@ -22,6 +22,7 @@ HOME_DIR/\.java(/.*)? gen_context(system_u:object_r:java_home_t,s0) /usr/lib/bin/java[^/]* -- gen_context(system_u:object_r:java_exec_t,s0) /usr/lib/eclipse/eclipse -- gen_context(system_u:object_r:java_exec_t,s0) +/usr/lib/icedtea[67]/bin(/.*)? -- gen_context(system_u:object_r:java_exec_t,s0) /usr/lib/jvm/java(.*/)bin(/.*)? -- gen_context(system_u:object_r:java_exec_t,s0) /usr/lib/opera(/.*)?/opera -- gen_context(system_u:object_r:java_exec_t,s0) /usr/lib/opera(/.*)?/works -- gen_context(system_u:object_r:java_exec_t,s0)