Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Jason Zaman <perfinion@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/
Date: Sat, 25 Feb 2017 14:51:54
Message-Id: 1488034253.247f0728c48ca087ecfd18cb21719420248ce0a6.perfinion@gentoo
1 commit: 247f0728c48ca087ecfd18cb21719420248ce0a6
2 Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
3 AuthorDate: Thu Feb 23 23:15:45 2017 +0000
4 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
5 CommitDate: Sat Feb 25 14:50:53 2017 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=247f0728
7
8 samba: A few line moves.
9
10 policy/modules/contrib/samba.te | 11 ++++++-----
11 1 file changed, 6 insertions(+), 5 deletions(-)
12
13 diff --git a/policy/modules/contrib/samba.te b/policy/modules/contrib/samba.te
14 index 6f314b0c..afff38ff 100644
15 --- a/policy/modules/contrib/samba.te
16 +++ b/policy/modules/contrib/samba.te
17 @@ -381,11 +381,7 @@ auth_domtrans_chk_passwd(smbd_t)
18 auth_domtrans_upd_passwd(smbd_t)
19 auth_manage_cache(smbd_t)
20 auth_write_login_records(smbd_t)
21 -
22 auth_can_read_shadow_passwords(smbd_t)
23 -tunable_policy(`samba_read_shadow',`
24 - auth_tunable_read_shadow(smbd_t)
25 -')
26
27 init_rw_utmp(smbd_t)
28
29 @@ -446,6 +442,10 @@ tunable_policy(`samba_portmapper',`
30 corenet_tcp_sendrecv_all_ports(smbd_t)
31 ')
32
33 +tunable_policy(`samba_read_shadow',`
34 + auth_tunable_read_shadow(smbd_t)
35 +')
36 +
37 tunable_policy(`samba_share_nfs',`
38 fs_manage_nfs_dirs(smbd_t)
39 fs_manage_nfs_files(smbd_t)
40 @@ -560,6 +560,8 @@ kernel_read_network_state(nmbd_t)
41 kernel_read_software_raid_state(nmbd_t)
42 kernel_read_system_state(nmbd_t)
43
44 +corecmd_search_bin(nmbd_t)
45 +
46 corenet_all_recvfrom_unlabeled(nmbd_t)
47 corenet_all_recvfrom_netlabel(nmbd_t)
48 corenet_tcp_sendrecv_generic_if(nmbd_t)
49 @@ -576,7 +578,6 @@ corenet_sendrecv_smbd_client_packets(nmbd_t)
50 corenet_tcp_connect_smbd_port(nmbd_t)
51 corenet_tcp_sendrecv_smbd_port(nmbd_t)
52
53 -corecmd_search_bin(nmbd_t)
54 dev_read_urand(nmbd_t)
55 dev_read_sysfs(nmbd_t)
56 dev_getattr_mtrr_dev(nmbd_t)
Report Message
Find on MARC Find on Google Groups