From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id ADE131382C5 for ; Sun, 7 Feb 2021 03:20:50 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id CD383E08C4; Sun, 7 Feb 2021 03:20:48 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id B41D1E08C4 for ; Sun, 7 Feb 2021 03:20:48 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 75FCB343865 for ; Sun, 7 Feb 2021 03:20:47 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 06E9A4CB for ; Sun, 7 Feb 2021 03:20:45 +0000 (UTC) From: "Jason Zaman" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Jason Zaman" Message-ID: <1612646109.f312afbcbc2ca62b7745e95fbe065c1f60ff28f5.perfinion@gentoo> Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/ X-VCS-Repository: proj/hardened-refpolicy X-VCS-Files: policy/modules/system/systemd.if X-VCS-Directories: policy/modules/system/ X-VCS-Committer: perfinion X-VCS-Committer-Name: Jason Zaman X-VCS-Revision: f312afbcbc2ca62b7745e95fbe065c1f60ff28f5 X-VCS-Branch: master Date: Sun, 7 Feb 2021 03:20:45 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: ad8652d5-d123-440e-9495-cfeb35cd8305 X-Archives-Hash: 8526f245c2bb554390e293478db98fb4 commit: f312afbcbc2ca62b7745e95fbe065c1f60ff28f5 Author: Chris PeBenito ieee org> AuthorDate: Tue Feb 2 19:02:49 2021 +0000 Commit: Jason Zaman gentoo org> CommitDate: Sat Feb 6 21:15:09 2021 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=f312afbc systemd: Fix lint errors. Signed-off-by: Chris PeBenito ieee.org> Signed-off-by: Jason Zaman gentoo.org> policy/modules/system/systemd.if | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/policy/modules/system/systemd.if b/policy/modules/system/systemd.if index d7d0eb3d..48a63cb3 100644 --- a/policy/modules/system/systemd.if +++ b/policy/modules/system/systemd.if @@ -30,7 +30,6 @@ template(`systemd_role_template',` attribute systemd_user_session_type, systemd_log_parse_env_type; type systemd_user_runtime_t, systemd_user_runtime_notify_t; type systemd_run_exec_t, systemd_analyze_exec_t; - type systemd_machined_t; ') ################################# @@ -68,7 +67,7 @@ template(`systemd_role_template',` # Allow using file descriptors for user environment generators allow $3 $1_systemd_t:fd use; - allow $3 $1_systemd_t:fifo_file rw_inherited_file_perms; + allow $3 $1_systemd_t:fifo_file rw_inherited_fifo_file_perms; # systemctl --user stream_connect_pattern($3, systemd_user_runtime_t, systemd_user_runtime_t, $1_systemd_t) @@ -1351,5 +1350,5 @@ interface(`systemd_use_machined_devpts', ` ') allow $1 systemd_machined_t:fd use; - allow $1 systemd_machined_devpts_t:chr_file { read write }; + allow $1 systemd_machined_devpts_t:chr_file rw_inherited_term_perms; ')