
From: Sven Vermeulen <swift@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:swift commit in: policy/modules/contrib/
Date: Wed, 02 Dec 2015 15:45:28
Message-Id: 1445100470.26930c8978e8ae49829ee8b13e9da9ca05e024ce.swift@gentoo
1 commit: 26930c8978e8ae49829ee8b13e9da9ca05e024ce
2 Author: Luis Ressel <aranea <AT> aixah <DOT> de>
3 AuthorDate: Thu Oct 15 10:44:42 2015 +0000
4 Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
5 CommitDate: Sat Oct 17 16:47:50 2015 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=26930c89
7
8 portage: New read-only interfaces for srcrepo and logs
9
10 Create portage_read_srcrepo and portage_read_log interfaces.
11
12 policy/modules/contrib/portage.if | 40 +++++++++++++++++++++++++++++++++++++++
13 1 file changed, 40 insertions(+)
14
15 diff --git a/policy/modules/contrib/portage.if b/policy/modules/contrib/portage.if
16 index 4652319..962dcca 100644
17 --- a/policy/modules/contrib/portage.if
18 +++ b/policy/modules/contrib/portage.if
19 @@ -498,6 +498,46 @@ interface(`portage_read_ebuild',`
20
21 ########################################
22 ## <summary>
23 +## Read portage log files
24 +## </summary>
25 +## <param name="domain">
26 +## <summary>
27 +## Domain allowed access
28 +## </summary>
29 +## </param>
30 +#
31 +interface(`portage_read_log',`
32 + gen_require(`
33 + type portage_log_t;
34 + ')
35 +
36 + logging_search_logs($1)
37 + read_files_pattern($1, portage_log_t, portage_log_t)
38 +')
39 +
40 +########################################
41 +## <summary>
42 +## Read portage src repository files
43 +## </summary>
44 +## <param name="domain">
45 +## <summary>
46 +## Domain allowed access
47 +## </summary>
48 +## </param>
49 +#
50 +interface(`portage_read_srcrepo',`
51 + gen_require(`
52 + type portage_ebuild_t, portage_srcrepo_t;
53 + ')
54 +
55 + files_search_usr($1)
56 + list_dirs_pattern($1, portage_ebuild_t, portage_srcrepo_t)
57 + read_files_pattern($1, portage_srcrepo_t, portage_srcrepo_t)
58 + read_lnk_files_pattern($1, portage_srcrepo_t, portage_srcrepo_t)
59 +')
60 +
61 +########################################
62 +## <summary>
63 ## Do not audit writing portage cache files
64 ## </summary>
65 ## <param name="domain">
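Review bot: `portage_read_log` grants read on `portage_log_t` files but no listing of `portage_log_t` directories, whereas `portage_read_srcrepo` in the same hunk pairs its file read with `list_dirs_pattern`. `read_files_pattern($1, portage_log_t, portage_log_t)` gives only search on the directory, so a caller that has to enumerate the log directory will hit readdir denials, and such denials tend to be fixed later with a wider grant than needed. If enumeration is intended, add `list_dirs_pattern($1, portage_log_t, portage_log_t)` after `logging_search_logs($1)`; if it is deliberately withheld, say so in the summary, e.g. `## Read portage log files (directory listing not granted)`. The log interface also omits the `read_lnk_files_pattern` line that the srcrepo interface has, which is fine if no symlinks carry `portage_log_t`, but the asymmetry deserves a one-line comment so the narrower grant reads as a least-privilege choice rather than an oversight.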