public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-commits] proj/hardened-refpolicy:usrmerge commit in: policy/modules/system/
@ 2017-02-05 15:13 Jason Zaman
  2017-02-16 11:34 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
  0 siblings, 1 reply; 2+ messages in thread
From: Jason Zaman @ 2017-02-05 15:13 UTC (permalink / raw
  To: gentoo-commits

commit:     a22e9f51496b244924b7103da65925d57e8603df
Author:     Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sun Feb  5 08:58:28 2017 +0000
Commit:     Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Feb  5 15:10:31 2017 +0000
URL:        https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=a22e9f51

usrmerge: Add gentoo-specific /usr fcontexts

 policy/modules/system/fstools.fc    | 1 -
 policy/modules/system/init.fc       | 6 +++---
 policy/modules/system/lvm.fc        | 4 ++--
 policy/modules/system/sysnetwork.fc | 2 +-
 policy/modules/system/tmpfiles.fc   | 4 ++--
 policy/modules/system/udev.fc       | 7 ++-----
 6 files changed, 10 insertions(+), 14 deletions(-)

diff --git a/policy/modules/system/fstools.fc b/policy/modules/system/fstools.fc
index 5249a70..4dca3ed 100644
--- a/policy/modules/system/fstools.fc
+++ b/policy/modules/system/fstools.fc
@@ -61,6 +61,5 @@
 /run/fsck(/.*)?		gen_context(system_u:object_r:fsadm_run_t,s0)
 
 ifdef(`distro_gentoo',`
-/sbin/mkfs\.f2fs	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 /usr/sbin/mkfs\.f2fs	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 ')

diff --git a/policy/modules/system/init.fc b/policy/modules/system/init.fc
index 3e1365c..19a953f 100644
--- a/policy/modules/system/init.fc
+++ b/policy/modules/system/init.fc
@@ -81,13 +81,13 @@ ifdef(`distro_gentoo',`
 #
 # /lib
 #
-/lib/rc/console(/.*)?		gen_context(system_u:object_r:initrc_state_t,s0)
-/lib/rc/cache(/.*)?		gen_context(system_u:object_r:initrc_state_t,s0)
+/usr/lib/rc/console(/.*)?		gen_context(system_u:object_r:initrc_state_t,s0)
+/usr/lib/rc/cache(/.*)?		gen_context(system_u:object_r:initrc_state_t,s0)
 
 #
 # /sbin
 #
-/sbin/openrc		--	gen_context(system_u:object_r:rc_exec_t,s0)
+/usr/sbin/openrc		--	gen_context(system_u:object_r:rc_exec_t,s0)
 
 #
 # /var

diff --git a/policy/modules/system/lvm.fc b/policy/modules/system/lvm.fc
index 8f4988e..3fc24cc 100644
--- a/policy/modules/system/lvm.fc
+++ b/policy/modules/system/lvm.fc
@@ -100,9 +100,9 @@ ifdef(`distro_gentoo',`
 
 ifdef(`distro_gentoo',`
 # Bug 529430 comment 7
-/sbin/lvmetad		--	gen_context(system_u:object_r:lvm_exec_t,s0)
+/usr/sbin/lvmetad		--	gen_context(system_u:object_r:lvm_exec_t,s0)
 /var/run/lvm(/.*)?		gen_context(system_u:object_r:lvm_var_run_t,s0)
 
 # Bug 529430 comment 8
-/sbin/dmeventd		--	gen_context(system_u:object_r:lvm_exec_t,s0)
+/usr/sbin/dmeventd		--	gen_context(system_u:object_r:lvm_exec_t,s0)
 ')

diff --git a/policy/modules/system/sysnetwork.fc b/policy/modules/system/sysnetwork.fc
index a295f46..2c93c41 100644
--- a/policy/modules/system/sysnetwork.fc
+++ b/policy/modules/system/sysnetwork.fc
@@ -72,7 +72,7 @@ ifdef(`distro_debian',`
 ')
 
 ifdef(`distro_gentoo',`
-/lib/dhcpcd/dhcpcd-run-hooks	--	gen_context(system_u:object_r:dhcpc_script_exec_t,s0)
+/usr/lib/dhcpcd/dhcpcd-run-hooks	--	gen_context(system_u:object_r:dhcpc_script_exec_t,s0)
 /var/run/dhcpcd\.sock	-s	gen_context(system_u:object_r:dhcpc_var_run_t,s0)
 /var/run/dhcpcd\.unpriv\.sock	-s	gen_context(system_u:object_r:dhcpc_var_run_t,s0)
 ')

diff --git a/policy/modules/system/tmpfiles.fc b/policy/modules/system/tmpfiles.fc
index 12fd30a..3f9b2b8 100644
--- a/policy/modules/system/tmpfiles.fc
+++ b/policy/modules/system/tmpfiles.fc
@@ -2,6 +2,6 @@
 /etc/tmpfiles.d(/.*)?				gen_context(system_u:object_r:tmpfiles_conf_t,s0)
 /var/run/tmpfiles.d(/.*)?			gen_context(system_u:object_r:tmpfiles_var_run_t,s0)
 
-/lib/rc/bin/checkpath			--	gen_context(system_u:object_r:tmpfiles_exec_t,s0)
-/lib/rc/sh/tmpfiles.sh			--	gen_context(system_u:object_r:tmpfiles_exec_t,s0)
+/usr/lib/rc/bin/checkpath			--	gen_context(system_u:object_r:tmpfiles_exec_t,s0)
+/usr/lib/rc/sh/tmpfiles.sh			--	gen_context(system_u:object_r:tmpfiles_exec_t,s0)
 

diff --git a/policy/modules/system/udev.fc b/policy/modules/system/udev.fc
index 6801d63..de64670 100644
--- a/policy/modules/system/udev.fc
+++ b/policy/modules/system/udev.fc
@@ -42,11 +42,8 @@ ifdef(`distro_debian',`
 ')
 
 ifdef(`distro_gentoo',`
-/bin/udevadm	--	gen_context(system_u:object_r:udev_exec_t,s0)
-
-/lib/udev/udevd	--	gen_context(system_u:object_r:udev_exec_t,s0)
-/lib/udev/rules\.d(/.*)?	gen_context(system_u:object_r:udev_rules_t,s0)
-/lib/systemd/systemd-udevd  --  gen_context(system_u:object_r:udev_exec_t,s0)
+/usr/lib/udev/udevd	--	gen_context(system_u:object_r:udev_exec_t,s0)
+/usr/lib/udev/rules\.d(/.*)?	gen_context(system_u:object_r:udev_rules_t,s0)
 
 /usr/bin/udevadm	--	gen_context(system_u:object_r:udev_exec_t,s0)
 


^ permalink raw reply related	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-02-16 11:34 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-02-05 15:13 [gentoo-commits] proj/hardened-refpolicy:usrmerge commit in: policy/modules/system/ Jason Zaman
2017-02-16 11:34 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox