Gentoo Archives: gentoo-commits

From: Jason Zaman <perfinion@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/admin/
Date: Mon, 31 Jan 2022 19:31:22
Message-Id: 1643651720.943fe93787010a8bded9d75728cc3ab097ef3aeb.perfinion@gentoo
1 commit: 943fe93787010a8bded9d75728cc3ab097ef3aeb
2 Author: Jonathan Davies <jpds <AT> protonmail <DOT> com>
3 AuthorDate: Thu Jan 27 19:48:57 2022 +0000
4 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
5 CommitDate: Mon Jan 31 17:55:20 2022 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=943fe937
7
8 portage.te: Allow gcc_config_t to manage portage_tmp_t
9
10 Allows /etc/env.d/04gcc-x86_64-gentoo-linux-musl to be correctly generated.
11
12 Closes: https://github.com/perfinion/hardened-refpolicy/pull/26
13 Signed-off-by: Jonathan Davies <jpds <AT> protonmail.com>
14 Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
15
16 policy/modules/admin/portage.te | 3 +++
17 1 file changed, 3 insertions(+)
18
19 diff --git a/policy/modules/admin/portage.te b/policy/modules/admin/portage.te
20 index cd66e6e7..9abbdc37 100644
21 --- a/policy/modules/admin/portage.te
22 +++ b/policy/modules/admin/portage.te
23 @@ -435,6 +435,9 @@ gen_tunable(portage_enable_test, false)
24 can_exec(gcc_config_t, gcc_config_tmp_t) # libffi support
25 files_tmp_filetrans(gcc_config_t, gcc_config_tmp_t, file)
26
27 + allow gcc_config_t portage_tmp_t:dir manage_dir_perms;
28 + allow gcc_config_t portage_tmp_t:file manage_file_perms;
29 +
30 files_manage_etc_runtime_files(gcc_config_t)
31 files_manage_etc_runtime_lnk_files(gcc_config_t)