Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Sven Vermeulen <swift@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/
Date: Thu, 29 Jan 2015 20:53:11
Message-Id: 1422564666.b2003e0609bea6e44ac8da4c0f2c5580246012e4.swift@gentoo
1 commit: b2003e0609bea6e44ac8da4c0f2c5580246012e4
2 Author: Dominick Grift <dac.override <AT> gmail <DOT> com>
3 AuthorDate: Mon Jan 5 17:50:03 2015 +0000
4 Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
5 CommitDate: Thu Jan 29 20:51:06 2015 +0000
6 URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=b2003e06
7
8 Redundant rules and afs_files_t is not a filesystem type
9
10 ---
11 policy/modules/contrib/afs.te | 8 ++------
12 1 file changed, 2 insertions(+), 6 deletions(-)
13
14 diff --git a/policy/modules/contrib/afs.te b/policy/modules/contrib/afs.te
15 index 69067e3..2fb6932 100644
16 --- a/policy/modules/contrib/afs.te
17 +++ b/policy/modules/contrib/afs.te
18 @@ -1,4 +1,4 @@
19 -policy_module(afs, 1.9.1)
20 +policy_module(afs, 1.9.2)
21
22 ########################################
23 #
24 @@ -74,7 +74,7 @@ role system_r types afs_vlserver_t;
25
26 allow afs_t self:capability { dac_override sys_admin sys_nice sys_tty_config };
27 allow afs_t self:process { setsched signal };
28 -allow afs_t self:fifo_file rw_file_perms;
29 +allow afs_t self:fifo_file rw_fifo_file_perms;
30 allow afs_t self:unix_stream_socket { accept listen };
31
32 manage_files_pattern(afs_t, afs_cache_t, afs_cache_t)
33 @@ -153,13 +153,9 @@ allow afs_fsserver_t self:process { setsched signal_perms };
34 allow afs_fsserver_t self:fifo_file rw_fifo_file_perms;
35 allow afs_fsserver_t self:tcp_socket create_stream_socket_perms;
36
37 -read_files_pattern(afs_fsserver_t, afs_config_t, afs_config_t)
38 -allow afs_fsserver_t afs_config_t:dir list_dir_perms;
39 -
40 manage_dirs_pattern(afs_fsserver_t, afs_config_t, afs_config_t)
41 manage_files_pattern(afs_fsserver_t, afs_config_t, afs_config_t)
42
43 -allow afs_fsserver_t afs_files_t:filesystem getattr;
44 manage_dirs_pattern(afs_fsserver_t, afs_files_t, afs_files_t)
45 manage_files_pattern(afs_fsserver_t, afs_files_t, afs_files_t)
46 manage_lnk_files_pattern(afs_fsserver_t, afs_files_t, afs_files_t)
Report Message
Find on MARC Find on Google Groups