Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Jason Zaman <perfinion@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/system/
Date: Sat, 25 Feb 2017 14:59:43
Message-Id: 1488032128.9b0381b0a1bb48191b63472a7297882b81f1a1a5.perfinion@gentoo
1 commit: 9b0381b0a1bb48191b63472a7297882b81f1a1a5
2 Author: cgzones <cgzones <AT> googlemail <DOT> com>
3 AuthorDate: Thu Jan 5 11:14:08 2017 +0000
4 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
5 CommitDate: Sat Feb 25 14:15:28 2017 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=9b0381b0
7
8 add init_daemon_lock_file()
9
10 needed for ntp
11
12 policy/modules/system/init.if | 33 +++++++++++++++++++++++++++++++++
13 1 file changed, 33 insertions(+)
14
15 diff --git a/policy/modules/system/init.if b/policy/modules/system/init.if
16 index 1b26cf5e..4a36e12a 100644
17 --- a/policy/modules/system/init.if
18 +++ b/policy/modules/system/init.if
19 @@ -512,6 +512,39 @@ interface(`init_daemon_pid_file',`
20
21 ########################################
22 ## <summary>
23 +## Mark the file type as a daemon lock file, allowing initrc_t
24 +## to create it
25 +## </summary>
26 +## <param name="filetype">
27 +## <summary>
28 +## Type to mark as a daemon lock file
29 +## </summary>
30 +## </param>
31 +## <param name="class">
32 +## <summary>
33 +## Class on which the type is applied
34 +## </summary>
35 +## </param>
36 +## <param name="filename">
37 +## <summary>
38 +## Filename of the file that the init script creates
39 +## </summary>
40 +## </param>
41 +#
42 +interface(`init_daemon_lock_file',`
43 + gen_require(`
44 + type initrc_t;
45 + ')
46 +
47 + files_lock_file($1)
48 + files_lock_filetrans(initrc_t, $1, $2, $3)
49 +
50 + allow initrc_t $1:dir manage_dir_perms;
51 + allow initrc_t $1:file manage_file_perms;
52 +')
53 +
54 +########################################
55 +## <summary>
56 ## Mark the file type as a daemon run dir, allowing initrc_t
57 ## to create it
58 ## </summary>
Report Message
Find on MARC Find on Google Groups