[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/
@ 2014-08-15 10:04 Sven Vermeulen
  2014-08-15 10:04 ` [gentoo-commits] proj/hardened-refpolicy:salt " Sven Vermeulen
  0 siblings, 1 reply; 4+ messages in thread
From: Sven Vermeulen @ 2014-08-15 10:04 UTC (permalink / raw
  To: gentoo-commits

commit:     5248f963330c4a11ac1d737aec13afa52c5abb9f
Author:     Luis Ressel <aranea <AT> aixah <DOT> de>
AuthorDate: Mon Aug 11 12:31:32 2014 +0000
Commit:     Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 15 09:57:55 2014 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=5248f963

Some of the fsadm tools can also be in /usr/sbin instead of /sbin

Signed-off-by: Luis Ressel <aranea <AT> aixah.de>

---
 policy/modules/system/fstools.fc | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/policy/modules/system/fstools.fc b/policy/modules/system/fstools.fc
index 213ceb2..bd4066e 100644
--- a/policy/modules/system/fstools.fc
+++ b/policy/modules/system/fstools.fc
@@ -50,7 +50,11 @@
 
 /usr/sbin/clubufflush	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 /usr/sbin/fatsort	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
+/usr/sbin/fsck.*	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
+/usr/sbin/mkfs.*	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 /usr/sbin/parted	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
+/usr/sbin/partprobe	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
+/usr/sbin/partx		--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 /usr/sbin/smartctl	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 
 /var/log/fsck(/.*)?		gen_context(system_u:object_r:fsadm_log_t,s0)


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [gentoo-commits] proj/hardened-refpolicy:salt commit in: policy/modules/system/
  2014-08-15 10:04 [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/ Sven Vermeulen
@ 2014-08-15 10:04 ` Sven Vermeulen
  0 siblings, 0 replies; 4+ messages in thread
From: Sven Vermeulen @ 2014-08-15 10:04 UTC (permalink / raw
  To: gentoo-commits

commit:     5248f963330c4a11ac1d737aec13afa52c5abb9f
Author:     Luis Ressel <aranea <AT> aixah <DOT> de>
AuthorDate: Mon Aug 11 12:31:32 2014 +0000
Commit:     Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 15 09:57:55 2014 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=5248f963

Some of the fsadm tools can also be in /usr/sbin instead of /sbin

Signed-off-by: Luis Ressel <aranea <AT> aixah.de>

---
 policy/modules/system/fstools.fc | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/policy/modules/system/fstools.fc b/policy/modules/system/fstools.fc
index 213ceb2..bd4066e 100644
--- a/policy/modules/system/fstools.fc
+++ b/policy/modules/system/fstools.fc
@@ -50,7 +50,11 @@
 
 /usr/sbin/clubufflush	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 /usr/sbin/fatsort	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
+/usr/sbin/fsck.*	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
+/usr/sbin/mkfs.*	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 /usr/sbin/parted	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
+/usr/sbin/partprobe	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
+/usr/sbin/partx		--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 /usr/sbin/smartctl	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 
 /var/log/fsck(/.*)?		gen_context(system_u:object_r:fsadm_log_t,s0)


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [gentoo-commits] proj/hardened-refpolicy:salt commit in: policy/modules/system/
@ 2014-08-15 10:04 Sven Vermeulen
  0 siblings, 0 replies; 4+ messages in thread
From: Sven Vermeulen @ 2014-08-15 10:04 UTC (permalink / raw
  To: gentoo-commits

commit:     4db655ea4fcd44ce33dffd3ea7655bc824ddda90
Author:     Luis Ressel <aranea <AT> aixah <DOT> de>
AuthorDate: Mon Aug 11 12:31:33 2014 +0000
Commit:     Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 15 09:57:57 2014 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=4db655ea

Label /usr/sbin/{add, del}part as fsadm_exec_t

These are seldomly-used tools from the util-linux package.

Please check if they are located in /sbin instead of /usr/sbin on other
distributions.

Signed-off-by: Luis Ressel <aranea <AT> aixah.de>

---
 policy/modules/system/fstools.fc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/policy/modules/system/fstools.fc b/policy/modules/system/fstools.fc
index bd4066e..aa1d594 100644
--- a/policy/modules/system/fstools.fc
+++ b/policy/modules/system/fstools.fc
@@ -48,7 +48,9 @@
 /usr/bin/scsi_unique_id	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 /usr/bin/syslinux	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 
+/usr/sbin/addpart	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 /usr/sbin/clubufflush	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
+/usr/sbin/delpart	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 /usr/sbin/fatsort	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 /usr/sbin/fsck.*	--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 /usr/sbin/mkfs.*	--	gen_context(system_u:object_r:fsadm_exec_t,s0)


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [gentoo-commits] proj/hardened-refpolicy:salt commit in: policy/modules/system/
@ 2014-08-15 10:04 Sven Vermeulen
  0 siblings, 0 replies; 4+ messages in thread
From: Sven Vermeulen @ 2014-08-15 10:04 UTC (permalink / raw
  To: gentoo-commits

commit:     bf1344dbd12c000f31219d90eef4c378ab72e91c
Author:     Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Thu Aug 14 19:47:55 2014 +0000
Commit:     Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 15 09:57:58 2014 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=bf1344db

Module version bump for fstools fc entries from Luis Ressel.

---
 policy/modules/system/fstools.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/policy/modules/system/fstools.te b/policy/modules/system/fstools.te
index b876224..5c77a4f 100644
--- a/policy/modules/system/fstools.te
+++ b/policy/modules/system/fstools.te
@@ -1,4 +1,4 @@
-policy_module(fstools, 1.17.0)
+policy_module(fstools, 1.17.1)
 
 ########################################
 #


^ permalink raw reply related	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2014-08-15 10:04 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-08-15 10:04 [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/ Sven Vermeulen
2014-08-15 10:04 ` [gentoo-commits] proj/hardened-refpolicy:salt " Sven Vermeulen
  -- strict thread matches above, loose matches on Subject: below --
2014-08-15 10:04 Sven Vermeulen
2014-08-15 10:04 Sven Vermeulen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox