From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id D87AC1382C5 for ; Sun, 22 Apr 2018 12:00:50 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id AE425E0901; Sun, 22 Apr 2018 12:00:48 +0000 (UTC) Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 85A22E0901 for ; Sun, 22 Apr 2018 12:00:48 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 969D9335C7D for ; Sun, 22 Apr 2018 12:00:47 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 5306629B for ; Sun, 22 Apr 2018 12:00:44 +0000 (UTC) From: "Jason Zaman" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Jason Zaman" Message-ID: <1524397983.b60736bf3d0ec4cae2f1e603b110e1a7391c8a69.perfinion@gentoo> Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/ X-VCS-Repository: proj/hardened-refpolicy X-VCS-Files: policy/modules/contrib/dbus.if policy/modules/contrib/rabbitmq.if X-VCS-Directories: policy/modules/contrib/ X-VCS-Committer: perfinion X-VCS-Committer-Name: Jason Zaman X-VCS-Revision: b60736bf3d0ec4cae2f1e603b110e1a7391c8a69 X-VCS-Branch: master Date: Sun, 22 Apr 2018 12:00:44 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 366673be-8018-4e76-9839-4f2a5821789c X-Archives-Hash: 21b9ba88770a06e4c92286a63294ee21 commit: b60736bf3d0ec4cae2f1e603b110e1a7391c8a69 Author: James Carter tycho nsa gov> AuthorDate: Wed Apr 11 18:56:39 2018 +0000 Commit: Jason Zaman gentoo org> CommitDate: Sun Apr 22 11:53:03 2018 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=b60736bf Fix interfaces that use an undeclared identifier These interfaces are not being called in the policy. dbus.if:dbus_send_all_session_bus() Use session_bus_type instead of dbus_session_bus_type. rabbitmq.if:rabbitmq_domtrans() Use rabbitmq_epmd_t and rabbitmq_beam_t instead of rabbitmq_t and rabbitmq_epmd_exec_t and rabbitmq_beam_exec_t instead of rabbitmq_exec_t. Signed-off-by: James Carter tycho.nsa.gov> policy/modules/contrib/dbus.if | 2 +- policy/modules/contrib/rabbitmq.if | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/policy/modules/contrib/dbus.if b/policy/modules/contrib/dbus.if index 4f62c23a..01e353ed 100644 --- a/policy/modules/contrib/dbus.if +++ b/policy/modules/contrib/dbus.if @@ -259,7 +259,7 @@ interface(`dbus_send_all_session_bus',` class dbus send_msg; ') - allow $1 dbus_session_bus_type:dbus send_msg; + allow $1 session_bus_type:dbus send_msg; ') ####################################### diff --git a/policy/modules/contrib/rabbitmq.if b/policy/modules/contrib/rabbitmq.if index 53efd0dd..854cd364 100644 --- a/policy/modules/contrib/rabbitmq.if +++ b/policy/modules/contrib/rabbitmq.if @@ -12,11 +12,13 @@ # interface(`rabbitmq_domtrans',` gen_require(` - type rabbitmq_t, rabbitmq_exec_t; + type rabbitmq_epmd_t, rabbitmq_epmd_exec_t; + type rabbitmq_beam_t, rabbitmq_beam_exec_t; ') corecmd_search_bin($1) - domtrans_pattern($1, rabbitmq_exec_t, rabbitmq_t) + domtrans_pattern($1, rabbitmq_epmd_exec_t, rabbitmq_epmd_t) + domtrans_pattern($1, rabbitmq_beam_exec_t, rabbitmq_beam_t) ') ########################################