From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <gentoo-commits+bounces-750791-garchives=archives.gentoo.org@lists.gentoo.org> Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 0C67D1389E2 for <garchives@archives.gentoo.org>; Thu, 27 Nov 2014 08:31:39 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id D0503E0809; Thu, 27 Nov 2014 08:31:36 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 427F6E0809 for <gentoo-commits@lists.gentoo.org>; Thu, 27 Nov 2014 08:31:36 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id CE276340693 for <gentoo-commits@lists.gentoo.org>; Thu, 27 Nov 2014 08:31:34 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 748FBB01C for <gentoo-commits@lists.gentoo.org>; Thu, 27 Nov 2014 08:31:33 +0000 (UTC) From: "Jason Zaman" <gentoo@perfinion.com> To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Jason Zaman" <gentoo@perfinion.com> Message-ID: <1417004891.3f6c14f9b89350b60e83e5f7764b7a095df7b005.perfinion@gentoo> Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/ X-VCS-Repository: proj/hardened-refpolicy X-VCS-Files: policy/modules/system/userdomain.if X-VCS-Directories: policy/modules/system/ X-VCS-Committer: perfinion X-VCS-Committer-Name: Jason Zaman X-VCS-Revision: 3f6c14f9b89350b60e83e5f7764b7a095df7b005 X-VCS-Branch: master Date: Thu, 27 Nov 2014 08:31:33 +0000 (UTC) Precedence: bulk List-Post: <mailto:gentoo-commits@lists.gentoo.org> List-Help: <mailto:gentoo-commits+help@lists.gentoo.org> List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org> List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org> List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org> X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 2b4aa3a0-89f8-423e-a722-15245784e19b X-Archives-Hash: b69664a3f9dd10bdea719936e0a2c494 commit: 3f6c14f9b89350b60e83e5f7764b7a095df7b005 Author: Jason Zaman <jason <AT> perfinion <DOT> com> AuthorDate: Tue Nov 25 20:00:07 2014 +0000 Commit: Jason Zaman <gentoo <AT> perfinion <DOT> com> CommitDate: Wed Nov 26 12:28:11 2014 +0000 URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=3f6c14f9 Introduce userdom_manage_user_tmp_chr_files interface --- policy/modules/system/userdomain.if | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if index 16a95cc..eba23be 100644 --- a/policy/modules/system/userdomain.if +++ b/policy/modules/system/userdomain.if @@ -3630,3 +3630,23 @@ interface(`userdom_manage_all_user_home_content',` manage_fifo_files_pattern($1, user_home_content_type, user_home_content_type) manage_sock_files_pattern($1, user_home_content_type, user_home_content_type) ') + +######################################## +## <summary> +## Create, read, write, and delete user +## temporary character files. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`userdom_manage_user_tmp_chr_files',` + gen_require(` + type user_tmp_t; + ') + + manage_chr_files_pattern($1, user_tmp_t, user_tmp_t) + files_search_tmp($1) +') From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <gentoo-commits+bounces-750728-garchives=archives.gentoo.org@lists.gentoo.org> Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 264011389E2 for <garchives@archives.gentoo.org>; Wed, 26 Nov 2014 16:22:27 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id A5DD3E085E; Wed, 26 Nov 2014 16:22:25 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 59D90E07D0 for <gentoo-commits@lists.gentoo.org>; Wed, 26 Nov 2014 16:22:25 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 3C9B83401CA for <gentoo-commits@lists.gentoo.org>; Wed, 26 Nov 2014 16:22:24 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id CB294AF5A for <gentoo-commits@lists.gentoo.org>; Wed, 26 Nov 2014 16:22:22 +0000 (UTC) From: "Jason Zaman" <gentoo@perfinion.com> To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Jason Zaman" <gentoo@perfinion.com> Message-ID: <1417004891.3f6c14f9b89350b60e83e5f7764b7a095df7b005.perfinion@gentoo> Subject: [gentoo-commits] proj/hardened-refpolicy:initrd commit in: policy/modules/system/ X-VCS-Repository: proj/hardened-refpolicy X-VCS-Files: policy/modules/system/userdomain.if X-VCS-Directories: policy/modules/system/ X-VCS-Committer: perfinion X-VCS-Committer-Name: Jason Zaman X-VCS-Revision: 3f6c14f9b89350b60e83e5f7764b7a095df7b005 X-VCS-Branch: initrd Date: Wed, 26 Nov 2014 16:22:22 +0000 (UTC) Precedence: bulk List-Post: <mailto:gentoo-commits@lists.gentoo.org> List-Help: <mailto:gentoo-commits+help@lists.gentoo.org> List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org> List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org> List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org> X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 5878b472-86c6-41d6-a39c-134229376454 X-Archives-Hash: 125da12efe2bf5b6dd04345709b67f55 Message-ID: <20141126162222.IGg-ZCW5QV5i1_ww-tQLrO7Y4OGN6dUirNzuI28LbkQ@z> commit: 3f6c14f9b89350b60e83e5f7764b7a095df7b005 Author: Jason Zaman <jason <AT> perfinion <DOT> com> AuthorDate: Tue Nov 25 20:00:07 2014 +0000 Commit: Jason Zaman <gentoo <AT> perfinion <DOT> com> CommitDate: Wed Nov 26 12:28:11 2014 +0000 URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=3f6c14f9 Introduce userdom_manage_user_tmp_chr_files interface --- policy/modules/system/userdomain.if | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if index 16a95cc..eba23be 100644 --- a/policy/modules/system/userdomain.if +++ b/policy/modules/system/userdomain.if @@ -3630,3 +3630,23 @@ interface(`userdom_manage_all_user_home_content',` manage_fifo_files_pattern($1, user_home_content_type, user_home_content_type) manage_sock_files_pattern($1, user_home_content_type, user_home_content_type) ') + +######################################## +## <summary> +## Create, read, write, and delete user +## temporary character files. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`userdom_manage_user_tmp_chr_files',` + gen_require(` + type user_tmp_t; + ') + + manage_chr_files_pattern($1, user_tmp_t, user_tmp_t) + files_search_tmp($1) +')