Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Jason Zaman <perfinion@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/
Date: Sat, 19 Dec 2015 03:15:28
Message-Id: 1450494668.07e4b0512b2184ad03b2800e2d3478427768ef06.perfinion@gentoo
1 commit: 07e4b0512b2184ad03b2800e2d3478427768ef06
2 Author: Jason Zaman <jason <AT> perfinion <DOT> com>
3 AuthorDate: Mon Nov 23 15:23:32 2015 +0000
4 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
5 CommitDate: Sat Dec 19 03:11:08 2015 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=07e4b051
7
8 portage: allow portage to rw all MLS levels
9
10 Without this, portage cannot merge packages that are trusted.
11 eg. sys-process/audit fails to merge /etc/audit/ because it is s15.
12
13 policy/modules/contrib/portage.te | 5 +++++
14 1 file changed, 5 insertions(+)
15
16 diff --git a/policy/modules/contrib/portage.te b/policy/modules/contrib/portage.te
17 index 2f62eb6..19bd8c8 100644
18 --- a/policy/modules/contrib/portage.te
19 +++ b/policy/modules/contrib/portage.te
20 @@ -449,6 +449,11 @@ gen_tunable(portage_enable_test, false)
21 corecmd_relabel_bin_files(portage_t)
22 corecmd_relabel_bin_lnk_files(portage_t)
23
24 + mls_file_read_all_levels(portage_t)
25 + mls_file_write_all_levels(portage_t)
26 + mls_file_upgrade(portage_t)
27 + mls_file_downgrade(portage_t)
28 +
29 auth_use_nsswitch(portage_t)
30
31 # Support cgroup FEATURES
Report Message
Find on MARC Find on Google Groups