Gentoo Archives: gentoo-commits

From: Jason Zaman <perfinion@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/
Date: Sat, 28 Nov 2020 23:09:37
Message-Id: 1606604172.46171c7e1b366ee26f62fcbceab9ea3c9f532628.perfinion@gentoo
1 commit: 46171c7e1b366ee26f62fcbceab9ea3c9f532628
2 Author: Jason Zaman <jason <AT> perfinion <DOT> com>
3 AuthorDate: Tue Nov 17 03:46:27 2020 +0000
4 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
5 CommitDate: Sat Nov 28 22:56:12 2020 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=46171c7e
7
8 init: upstream fcontexts from gentoo policy
9
10 Signed-off-by: Jason Zaman <jason <AT> perfinion.com>
11 Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
12
13 policy/modules/system/init.fc | 8 +++++++-
14 1 file changed, 7 insertions(+), 1 deletion(-)
15
16 diff --git a/policy/modules/system/init.fc b/policy/modules/system/init.fc
17 index 74fb8211..c8451701 100644
18 --- a/policy/modules/system/init.fc
19 +++ b/policy/modules/system/init.fc
20 @@ -44,8 +44,11 @@ ifdef(`distro_gentoo',`
21 /usr/sbin/upstart -- gen_context(system_u:object_r:init_exec_t,s0)
22
23 ifdef(`distro_gentoo', `
24 +/usr/lib/rc/cache(/.*)? gen_context(system_u:object_r:initrc_state_t,s0)
25 +/usr/lib/rc/console(/.*)? gen_context(system_u:object_r:initrc_state_t,s0)
26 /usr/lib/rc/init\.d(/.*)? gen_context(system_u:object_r:initrc_state_t,s0)
27 -/usr/sbin/rc -- gen_context(system_u:object_r:rc_exec_t,s0)
28 +/usr/sbin/rc -- gen_context(system_u:object_r:rc_exec_t,s0)
29 +/usr/sbin/openrc -- gen_context(system_u:object_r:rc_exec_t,s0)
30 /usr/sbin/openrc-init -- gen_context(system_u:object_r:init_exec_t,s0)
31 /usr/sbin/openrc-shutdown -- gen_context(system_u:object_r:init_exec_t,s0)
32 ')
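Review bot: the `/usr/sbin/rc` entry in this hunk is removed and re-added with the same path, the same `--` file-type specifier and the same `rc_exec_t` context, so as shown it is a whitespace-only change. Either leave it out of this commit or mention the realignment in the message, so that the functional additions (`/usr/lib/rc/cache`, `/usr/lib/rc/console`, `/usr/sbin/openrc`) are easy to pick out when auditing label changes. The message "upstream fcontexts from gentoo policy" also does not say why `/usr/sbin/openrc` takes `rc_exec_t` while `openrc-init` and `openrc-shutdown` just below take `init_exec_t`; a short comment above the new entry would document that split.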
33 @@ -79,6 +82,9 @@ ifdef(`distro_debian',`
34
35 ifdef(`distro_gentoo', `
36 /var/lib/init\.d(/.*)? gen_context(system_u:object_r:initrc_state_t,s0)
37 +/var/lib/ip6?tables(/.*)? gen_context(system_u:object_r:initrc_tmp_t,s0)
38 +
39 +/run/openrc(/.*)? gen_context(system_u:object_r:initrc_state_t,s0)
40 /run/svscan\.pid -- gen_context(system_u:object_r:initrc_runtime_t,s0)
41 ')
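Review bot: `/var/lib/ip6?tables(/.*)?` is labelled `initrc_tmp_t`, a temporary-file type, although the path sits under `/var/lib` and the other entries in this block use `initrc_state_t` or `initrc_runtime_t`. If the tmp type is deliberate, add a comment saying what writes to that directory and why; otherwise a state type would match the location and would keep whatever is stored there from being covered by rules written for init-script temporary files. In the same hunk, `/run/openrc(/.*)?` gets `initrc_state_t` while the adjacent `/run/svscan\.pid` gets `initrc_runtime_t`; the commit message should say which of the two is intended for paths under `/run`.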