1 |
commit: 427a4405fcf5c368d286ae4be7ab87aca9464903 |
2 |
Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com> |
3 |
AuthorDate: Wed Sep 25 15:07:18 2013 +0000 |
4 |
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Sep 30 19:01:59 2013 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=427a4405 |
7 |
|
8 |
cron: consistent usage of regular expressions cron: prelink no longer runs in the system cronjob domain |
9 |
|
10 |
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com> |
11 |
|
12 |
--- |
13 |
policy/modules/contrib/cron.fc | 4 ++-- |
14 |
policy/modules/contrib/cron.te | 10 +--------- |
15 |
2 files changed, 3 insertions(+), 11 deletions(-) |
16 |
|
17 |
diff --git a/policy/modules/contrib/cron.fc b/policy/modules/contrib/cron.fc |
18 |
index d41ecce..3d06fed 100644 |
19 |
--- a/policy/modules/contrib/cron.fc |
20 |
+++ b/policy/modules/contrib/cron.fc |
21 |
@@ -20,8 +20,8 @@ |
22 |
/var/log/rpmpkgs.* -- gen_context(system_u:object_r:cron_log_t,s0) |
23 |
|
24 |
/var/run/anacron\.pid -- gen_context(system_u:object_r:crond_var_run_t,s0) |
25 |
-/var/run/crond?\.pid -- gen_context(system_u:object_r:crond_var_run_t,s0) |
26 |
-/var/run/crond?\.reboot -- gen_context(system_u:object_r:crond_var_run_t,s0) |
27 |
+/var/run/cron(d)?\.pid -- gen_context(system_u:object_r:crond_var_run_t,s0) |
28 |
+/var/run/cron(d)?\.reboot -- gen_context(system_u:object_r:crond_var_run_t,s0) |
29 |
/var/run/fcron\.fifo -s gen_context(system_u:object_r:crond_var_run_t,s0) |
30 |
/var/run/fcron\.pid -- gen_context(system_u:object_r:crond_var_run_t,s0) |
31 |
/var/run/.*cron.* -- gen_context(system_u:object_r:crond_var_run_t,s0) |
32 |
|
33 |
diff --git a/policy/modules/contrib/cron.te b/policy/modules/contrib/cron.te |
34 |
index 3776173..6cd8495 100644 |
35 |
--- a/policy/modules/contrib/cron.te |
36 |
+++ b/policy/modules/contrib/cron.te |
37 |
@@ -1,4 +1,4 @@ |
38 |
-policy_module(cron, 2.6.2) |
39 |
+policy_module(cron, 2.6.3) |
40 |
|
41 |
gen_require(` |
42 |
class passwd rootok; |
43 |
@@ -602,14 +602,6 @@ optional_policy(` |
44 |
') |
45 |
|
46 |
optional_policy(` |
47 |
- prelink_delete_cache(system_cronjob_t) |
48 |
- prelink_manage_lib(system_cronjob_t) |
49 |
- prelink_manage_log(system_cronjob_t) |
50 |
- prelink_read_cache(system_cronjob_t) |
51 |
- prelink_relabelfrom_lib(system_cronjob_t) |
52 |
-') |
53 |
- |
54 |
-optional_policy(` |
55 |
samba_read_config(system_cronjob_t) |
56 |
samba_read_log(system_cronjob_t) |
57 |
') |