From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-hardened+bounces-4956-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 83E8913888F
	for <garchives@archives.gentoo.org>; Sat, 17 Oct 2015 17:03:52 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id EC26221C08E;
	Sat, 17 Oct 2015 17:03:48 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 4CFA521C068
	for <gentoo-hardened@lists.gentoo.org>; Sat, 17 Oct 2015 17:03:48 +0000 (UTC)
Received: from localhost (unknown [IPv6:2404:e800:e600:cf9:fdad:db22:da34:69f1])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	(Authenticated sender: perfinion)
	by smtp.gentoo.org (Postfix) with ESMTPSA id AACF334084A
	for <gentoo-hardened@lists.gentoo.org>; Sat, 17 Oct 2015 17:03:43 +0000 (UTC)
Date: Sun, 18 Oct 2015 01:03:36 +0800
From: Jason Zaman <perfinion@gentoo.org>
To: gentoo-hardened@lists.gentoo.org
Subject: Re: [gentoo-hardened] [PATCH 1/4] portage: Dontaudit setattr in
 portage_dontaudit_write_cache
Message-ID: <20151017170336.GA27847@meriadoc>
References: <1444905883-17436-1-git-send-email-aranea@aixah.de>
Precedence: bulk
List-Post: <mailto:gentoo-hardened@lists.gentoo.org>
List-Help: <mailto:gentoo-hardened+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-hardened+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-hardened+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-hardened.gentoo.org>
X-BeenThere: gentoo-hardened@lists.gentoo.org
Reply-to: gentoo-hardened@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1444905883-17436-1-git-send-email-aranea@aixah.de>
User-Agent: Mutt/1.5.23 (2014-03-12)
X-Archives-Salt: c004ae61-68ec-4950-802c-87192c909253
X-Archives-Hash: 748d63c526198f3e477b82c5094c078c

On Thu, Oct 15, 2015 at 12:44:40PM +0200, Luis Ressel wrote:
> ---
>  policy/modules/contrib/portage.if | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/policy/modules/contrib/portage.if b/policy/modules/contrib/portage.if
> index 640a63b..c98a763 100644
> --- a/policy/modules/contrib/portage.if
> +++ b/policy/modules/contrib/portage.if
> @@ -511,6 +511,6 @@ interface(`portage_dontaudit_write_cache',`
>  		type portage_cache_t;
>  	')
>  
> -	dontaudit $1 portage_cache_t:dir { write };
> +	dontaudit $1 portage_cache_t:dir { setattr write };
>  ')
>  
> -- 
> 2.6.1

Applied this set, thanks!

-- Jason