Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Sven Vermeulen <swift@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:swift commit in: policy/modules/contrib/
Date: Sat, 10 Oct 2015 12:11:36
Message-Id: 1440702511.7f5ece84232e3a6704b7e781203f4038a45417c3.swift@gentoo
1 commit: 7f5ece84232e3a6704b7e781203f4038a45417c3
2 Author: Jason Zaman <jason <AT> perfinion <DOT> com>
3 AuthorDate: Mon Aug 24 15:10:09 2015 +0000
4 Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
5 CommitDate: Thu Aug 27 19:08:31 2015 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=7f5ece84
7
8 hadoop: init_startstop_service() can not take attributes
9
10 policy/modules/contrib/hadoop.if | 13 +++++++++++--
11 1 file changed, 11 insertions(+), 2 deletions(-)
12
13 diff --git a/policy/modules/contrib/hadoop.if b/policy/modules/contrib/hadoop.if
14 index a0a819f..5908119 100644
15 --- a/policy/modules/contrib/hadoop.if
16 +++ b/policy/modules/contrib/hadoop.if
17 @@ -426,7 +426,6 @@ interface(`hadoop_admin',`
18 attribute hadoop_domain;
19 attribute hadoop_initrc_domain;
20
21 - attribute hadoop_init_script_file;
22 attribute hadoop_pid_file;
23 attribute hadoop_lock_file;
24 attribute hadoop_log_file;
25 @@ -436,12 +435,22 @@ interface(`hadoop_admin',`
26 type hadoop_t, hadoop_etc_t, hadoop_hsperfdata_t;
27 type zookeeper_t, zookeeper_etc_t, zookeeper_server_t;
28 type zookeeper_server_var_t;
29 +
30 + type hadoop_datanode_initrc_t, hadoop_datanode_initrc_exec_t;
31 + type hadoop_jobtracker_initrc_t, hadoop_jobtracker_initrc_exec_t;
32 + type hadoop_namenode_initrc_t, hadoop_namenode_initrc_exec_t;
33 + type hadoop_secondarynamenode_initrc_t, hadoop_secondarynamenode_initrc_exec_t;
34 + type hadoop_tasktracker_initrc_t, hadoop_tasktracker_initrc_exec_t;
35 ')
36
37 allow $1 { hadoop_domain hadoop_initrc_domain hadoop_t zookeeper_t zookeeper_server_t }:process { ptrace signal_perms };
38 ps_process_pattern($1, { hadoop_domain hadoop_initrc_domain hadoop_t zookeeper_t zookeeper_server_t })
39
40 - init_startstop_service($1, $2, hadoop_domain, hadoop_init_script_file)
41 + init_startstop_service($1, $2, hadoop_datanode_initrc_t, hadoop_datanode_initrc_exec_t)
42 + init_startstop_service($1, $2, hadoop_jobtracker_initrc_t, hadoop_jobtracker_initrc_exec_t)
43 + init_startstop_service($1, $2, hadoop_namenode_initrc_t, hadoop_namenode_initrc_exec_t)
44 + init_startstop_service($1, $2, hadoop_secondarynamenode_initrc_t, hadoop_secondarynamenode_initrc_exec_t)
45 + init_startstop_service($1, $2, hadoop_tasktracker_initrc_t, hadoop_tasktracker_initrc_exec_t)
46
47 files_search_etc($1)
48 admin_pattern($1, { hadoop_etc_t zookeeper_etc_t })
Report Message
Find on MARC Find on Google Groups