1 |
commit: 943fe93787010a8bded9d75728cc3ab097ef3aeb |
2 |
Author: Jonathan Davies <jpds <AT> protonmail <DOT> com> |
3 |
AuthorDate: Thu Jan 27 19:48:57 2022 +0000 |
4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Jan 31 17:55:20 2022 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=943fe937 |
7 |
|
8 |
portage.te: Allow gcc_config_t to manage portage_tmp_t |
9 |
|
10 |
Allows /etc/env.d/04gcc-x86_64-gentoo-linux-musl to be correctly generated. |
11 |
|
12 |
Closes: https://github.com/perfinion/hardened-refpolicy/pull/26 |
13 |
Signed-off-by: Jonathan Davies <jpds <AT> protonmail.com> |
14 |
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org> |
15 |
|
16 |
policy/modules/admin/portage.te | 3 +++ |
17 |
1 file changed, 3 insertions(+) |
18 |
|
19 |
diff --git a/policy/modules/admin/portage.te b/policy/modules/admin/portage.te |
20 |
index cd66e6e7..9abbdc37 100644 |
21 |
--- a/policy/modules/admin/portage.te |
22 |
+++ b/policy/modules/admin/portage.te |
23 |
@@ -435,6 +435,9 @@ gen_tunable(portage_enable_test, false) |
24 |
can_exec(gcc_config_t, gcc_config_tmp_t) # libffi support |
25 |
files_tmp_filetrans(gcc_config_t, gcc_config_tmp_t, file) |
26 |
|
27 |
+ allow gcc_config_t portage_tmp_t:dir manage_dir_perms; |
28 |
+ allow gcc_config_t portage_tmp_t:file manage_file_perms; |
29 |
+ |
30 |
files_manage_etc_runtime_files(gcc_config_t) |
31 |
files_manage_etc_runtime_lnk_files(gcc_config_t) |