From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 804E81382C5 for ; Sun, 22 Apr 2018 12:00:51 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id EEE16E090E; Sun, 22 Apr 2018 12:00:48 +0000 (UTC) Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id B602AE0909 for ; Sun, 22 Apr 2018 12:00:48 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 99747335C7E for ; Sun, 22 Apr 2018 12:00:47 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 65FC829C for ; Sun, 22 Apr 2018 12:00:44 +0000 (UTC) From: "Jason Zaman" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Jason Zaman" Message-ID: <1524397983.9e9a550bda8bd26f72427991d261486faa7d8461.perfinion@gentoo> Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/ X-VCS-Repository: proj/hardened-refpolicy X-VCS-Files: policy/modules/contrib/djbdns.if policy/modules/contrib/firewalld.if policy/modules/contrib/ftp.te policy/modules/contrib/tftp.if policy/modules/contrib/wm.if X-VCS-Directories: policy/modules/contrib/ X-VCS-Committer: perfinion X-VCS-Committer-Name: Jason Zaman X-VCS-Revision: 9e9a550bda8bd26f72427991d261486faa7d8461 X-VCS-Branch: master Date: Sun, 22 Apr 2018 12:00:44 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: a1bb54e2-38a4-45cc-b1b2-50ff02a7cd7b X-Archives-Hash: 99047956bdd3023434fadce0ade6130f commit: 9e9a550bda8bd26f72427991d261486faa7d8461 Author: James Carter tycho nsa gov> AuthorDate: Wed Apr 11 18:57:04 2018 +0000 Commit: Jason Zaman gentoo org> CommitDate: Sun Apr 22 11:53:03 2018 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=9e9a550b Fix typos in identifier names The interfaces djbdns_link_tinydns_keys(), firewalld_admin(), tftp_etc_filetrans_config(), and wm_write_pipes() were always being removed because of unmet requires. In djbdns.if:djbdns_link_tinydns_keys() djbdns_tinydn_t should be djbdns_tinydns_t Called in contrib/cron.te In firewald.if:firewalld_admin() firewall_etc_rw_t should be firewalld_etc_rw_t Called in roles/sysadm.te In ftp.te: tcpd_t should be ftpd_t In tftp.if:tftp_etc_filetrans_config() tftp_conf_t should be tftpd_conf_t Called in contrib/cobbler.te In wm.if:wm_write_pipes() $_t should be $1_wm_t Called in wm_role_template() which is called in roles/unprivuser.te, roles/sysadm.te, and roles/staff.te. wm_role_template is also called in system/userdomain.if:userdom_restricted_xwindows_user_template() which is called in contrib/xguest.te. Signed-off-by: James Carter tycho.nsa.gov> policy/modules/contrib/djbdns.if | 4 ++-- policy/modules/contrib/firewalld.if | 4 ++-- policy/modules/contrib/ftp.te | 2 +- policy/modules/contrib/tftp.if | 4 ++-- policy/modules/contrib/wm.if | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/policy/modules/contrib/djbdns.if b/policy/modules/contrib/djbdns.if index 671d3c0a..dd87a12a 100644 --- a/policy/modules/contrib/djbdns.if +++ b/policy/modules/contrib/djbdns.if @@ -71,8 +71,8 @@ interface(`djbdns_search_tinydns_keys',` # interface(`djbdns_link_tinydns_keys',` gen_require(` - type djbdns_tinydn_t; + type djbdns_tinydns_t; ') - allow $1 djbdns_tinydn_t:key link; + allow $1 djbdns_tinydns_t:key link; ') diff --git a/policy/modules/contrib/firewalld.if b/policy/modules/contrib/firewalld.if index d5f86696..b4fda82c 100644 --- a/policy/modules/contrib/firewalld.if +++ b/policy/modules/contrib/firewalld.if @@ -98,7 +98,7 @@ interface(`firewalld_read_var_run_files',` interface(`firewalld_admin',` gen_require(` type firewalld_t, firewalld_initrc_exec_t; - type firewall_etc_rw_t, firewalld_var_run_t; + type firewalld_etc_rw_t, firewalld_var_run_t; type firewalld_var_log_t; ') @@ -114,5 +114,5 @@ interface(`firewalld_admin',` admin_pattern($1, firewalld_var_log_t) files_search_etc($1) - admin_pattern($1, firewall_etc_rw_t) + admin_pattern($1, firewalld_etc_rw_t) ') diff --git a/policy/modules/contrib/ftp.te b/policy/modules/contrib/ftp.te index 0a5465a6..a711bfbd 100644 --- a/policy/modules/contrib/ftp.te +++ b/policy/modules/contrib/ftp.te @@ -394,7 +394,7 @@ optional_policy(` inetd_tcp_service_domain(ftpd_t, ftpd_exec_t) optional_policy(` - tcpd_domtrans(tcpd_t) + tcpd_domtrans(ftpd_t) ') ') diff --git a/policy/modules/contrib/tftp.if b/policy/modules/contrib/tftp.if index dae82eb7..b32fa3c0 100644 --- a/policy/modules/contrib/tftp.if +++ b/policy/modules/contrib/tftp.if @@ -105,10 +105,10 @@ interface(`tftp_manage_config_files',` # interface(`tftp_etc_filetrans_config',` gen_require(` - type tftp_conf_t; + type tftpd_conf_t; ') - files_etc_filetrans($1, tftp_conf_t, $2, $3) + files_etc_filetrans($1, tftpd_conf_t, $2, $3) ') ######################################## diff --git a/policy/modules/contrib/wm.if b/policy/modules/contrib/wm.if index bb0d3ea7..260a7b01 100644 --- a/policy/modules/contrib/wm.if +++ b/policy/modules/contrib/wm.if @@ -245,7 +245,7 @@ interface(`wm_application_domain',` # interface(`wm_write_pipes',` gen_require(` - type $1_t; + type $1_wm_t; ') allow $2 $1_wm_t:fifo_file write;