[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/ - gentoo-commits

From:	Sven Vermeulen <sven.vermeulen@××××××.be>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/
Date:	Fri, 28 Sep 2012 17:51:20
Message-Id:	`1348854045.469c67a7130b6e1700b621c59db71587e1a486b9.SwifT@gentoo`

1

commit:     469c67a7130b6e1700b621c59db71587e1a486b9

2

Author:     Dominick Grift <dominick.grift <AT> gmail <DOT> com>

3

AuthorDate: Fri Sep 28 08:13:03 2012 +0000

4

Commit:     Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>

5

CommitDate: Fri Sep 28 17:40:45 2012 +0000

6

URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=469c67a7

7

8

Changes to the ddcprobe policy module

9

10

Use role attributes

11

Module clean up

12

13

Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>

14

15

---

16

 policy/modules/contrib/ddcprobe.fc |    3 ---

17

 policy/modules/contrib/ddcprobe.if |   14 ++++++++------

18

 policy/modules/contrib/ddcprobe.te |    8 +++++---

19

 3 files changed, 13 insertions(+), 12 deletions(-)

20

21

diff --git a/policy/modules/contrib/ddcprobe.fc b/policy/modules/contrib/ddcprobe.fc

22

index 49e6a25..9f2a27f 100644

23

--- a/policy/modules/contrib/ddcprobe.fc

24

+++ b/policy/modules/contrib/ddcprobe.fc

25

@@ -1,4 +1 @@

26

-#

27

-# /usr

28

-#

29

 /usr/sbin/ddcprobe	--	gen_context(system_u:object_r:ddcprobe_exec_t,s0)

30

31

diff --git a/policy/modules/contrib/ddcprobe.if b/policy/modules/contrib/ddcprobe.if

32

index 9868652..aeddb69 100644

33

--- a/policy/modules/contrib/ddcprobe.if

34

+++ b/policy/modules/contrib/ddcprobe.if

35

@@ -1,4 +1,4 @@

36

-## <summary>ddcprobe retrieves monitor and graphics card information</summary>

37

+## <summary>ddcprobe retrieves monitor and graphics card information.</summary>

38

39

 ########################################

40

 ## <summary>

41

@@ -15,13 +15,15 @@ interface(`ddcprobe_domtrans',`

42

 		type ddcprobe_t, ddcprobe_exec_t;

43

')

44

45

+	corecmd_search_bin($1)

46

 	domtrans_pattern($1, ddcprobe_exec_t, ddcprobe_t)

47

')

48

49

 ########################################

50

 ## <summary>

51

-##	Execute ddcprobe in the ddcprobe domain, and

52

-##	allow the specified role the ddcprobe domain.

53

+##	Execute ddcprobe in the ddcprobe

54

+##	domain, and allow the specified

55

+##	role the ddcprobe domain.

56

 ## </summary>

57

 ## <param name="domain">

58

 ##	<summary>

59

@@ -30,16 +32,16 @@ interface(`ddcprobe_domtrans',`

60

 ## </param>

61

 ## <param name="role">

62

 ##	<summary>

63

-##	Role to be authenticated for ddcprobe domain.

64

+##	Role allowed access.

65

 ##	</summary>

66

 ## </param>

67

 ## <rolecap/>

68

#

69

 interface(`ddcprobe_run',`

70

 	gen_require(`

71

-		type ddcprobe_t;

72

+		attribute_role ddcprobe_roles;

73

')

74

75

 	ddcprobe_domtrans($1)

76

-	role $2 types ddcprobe_t;

77

+	roleattribute $2 ddcprobe_roles;

78

')

79

80

diff --git a/policy/modules/contrib/ddcprobe.te b/policy/modules/contrib/ddcprobe.te

81

index 6a22b71..ceb9bf4 100644

82

--- a/policy/modules/contrib/ddcprobe.te

83

+++ b/policy/modules/contrib/ddcprobe.te

84

@@ -1,14 +1,17 @@

85

-policy_module(ddcprobe, 1.2.0)

86

+policy_module(ddcprobe, 1.2.1)

87

88

 ########################################

89

#

90

 # Declarations

91

#

92

93

+attribute_role ddcprobe_roles;

94

+roleattribute system_r ddcprobe_roles;

95

+

96

 type ddcprobe_t;

97

 type ddcprobe_exec_t;

98

 application_domain(ddcprobe_t, ddcprobe_exec_t)

99

-role system_r types ddcprobe_t;

100

+role ddcprobe_roles types ddcprobe_t;

101

102

 ########################################

103

#

104

@@ -48,6 +51,5 @@ userdom_use_user_terminals(ddcprobe_t)

105

 userdom_use_all_users_fds(ddcprobe_t)

106

107

 optional_policy(`

108

-	#reh why? this does not seem even necessary to function properly

109

 	kudzu_getattr_exec_files(ddcprobe_t)

110

')

1	commit: 469c67a7130b6e1700b621c59db71587e1a486b9
2	Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com>
3	AuthorDate: Fri Sep 28 08:13:03 2012 +0000
4	Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
5	CommitDate: Fri Sep 28 17:40:45 2012 +0000
6	URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=469c67a7
7
8	Changes to the ddcprobe policy module
9
10	Use role attributes
11	Module clean up
12
13	Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
14
15	---
16	policy/modules/contrib/ddcprobe.fc \| 3 ---
17	policy/modules/contrib/ddcprobe.if \| 14 ++++++++------
18	policy/modules/contrib/ddcprobe.te \| 8 +++++---
19	3 files changed, 13 insertions(+), 12 deletions(-)
20
21	diff --git a/policy/modules/contrib/ddcprobe.fc b/policy/modules/contrib/ddcprobe.fc
22	index 49e6a25..9f2a27f 100644
23	--- a/policy/modules/contrib/ddcprobe.fc
24	+++ b/policy/modules/contrib/ddcprobe.fc
25	@@ -1,4 +1 @@
26	-#
27	-# /usr
28	-#
29	/usr/sbin/ddcprobe -- gen_context(system_u:object_r:ddcprobe_exec_t,s0)
30
31	diff --git a/policy/modules/contrib/ddcprobe.if b/policy/modules/contrib/ddcprobe.if
32	index 9868652..aeddb69 100644
33	--- a/policy/modules/contrib/ddcprobe.if
34	+++ b/policy/modules/contrib/ddcprobe.if
35	@@ -1,4 +1,4 @@
36	-## <summary>ddcprobe retrieves monitor and graphics card information</summary>
37	+## <summary>ddcprobe retrieves monitor and graphics card information.</summary>
38
39	########################################
40	## <summary>
41	@@ -15,13 +15,15 @@ interface(`ddcprobe_domtrans',`
42	type ddcprobe_t, ddcprobe_exec_t;
43	')
44
45	+ corecmd_search_bin($1)
46	domtrans_pattern($1, ddcprobe_exec_t, ddcprobe_t)
47	')
48
49	########################################
50	## <summary>
51	-## Execute ddcprobe in the ddcprobe domain, and
52	-## allow the specified role the ddcprobe domain.
53	+## Execute ddcprobe in the ddcprobe
54	+## domain, and allow the specified
55	+## role the ddcprobe domain.
56	## </summary>
57	## <param name="domain">
58	## <summary>
59	@@ -30,16 +32,16 @@ interface(`ddcprobe_domtrans',`
60	## </param>
61	## <param name="role">
62	## <summary>
63	-## Role to be authenticated for ddcprobe domain.
64	+## Role allowed access.
65	## </summary>
66	## </param>
67	## <rolecap/>
68	#
69	interface(`ddcprobe_run',`
70	gen_require(`
71	- type ddcprobe_t;
72	+ attribute_role ddcprobe_roles;
73	')
74
75	ddcprobe_domtrans($1)
76	- role $2 types ddcprobe_t;
77	+ roleattribute $2 ddcprobe_roles;
78	')
79
80	diff --git a/policy/modules/contrib/ddcprobe.te b/policy/modules/contrib/ddcprobe.te
81	index 6a22b71..ceb9bf4 100644
82	--- a/policy/modules/contrib/ddcprobe.te
83	+++ b/policy/modules/contrib/ddcprobe.te
84	@@ -1,14 +1,17 @@
85	-policy_module(ddcprobe, 1.2.0)
86	+policy_module(ddcprobe, 1.2.1)
87
88	########################################
89	#
90	# Declarations
91	#
92
93	+attribute_role ddcprobe_roles;
94	+roleattribute system_r ddcprobe_roles;
95	+
96	type ddcprobe_t;
97	type ddcprobe_exec_t;
98	application_domain(ddcprobe_t, ddcprobe_exec_t)
99	-role system_r types ddcprobe_t;
100	+role ddcprobe_roles types ddcprobe_t;
101
102	########################################
103	#
104	@@ -48,6 +51,5 @@ userdom_use_user_terminals(ddcprobe_t)
105	userdom_use_all_users_fds(ddcprobe_t)
106
107	optional_policy(`
108	- #reh why? this does not seem even necessary to function properly
109	kudzu_getattr_exec_files(ddcprobe_t)
110	')

Gentoo Archives: gentoo-commits