Gentoo Archives: gentoo-commits

From: Sven Vermeulen <sven.vermeulen@××××××.be>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/
Date: Wed, 31 Oct 2012 18:11:44
Message-Id: 1351706675.c82b9b05d4f1f20845e29274e5a29370c77063dc.SwifT@gentoo
1 commit: c82b9b05d4f1f20845e29274e5a29370c77063dc
2 Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com>
3 AuthorDate: Wed Oct 31 09:42:30 2012 +0000
4 Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
5 CommitDate: Wed Oct 31 18:04:35 2012 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=c82b9b05
7
8 Changes to the wdmd policy module
9
10 Module clean up
11
12 Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
13
14 ---
15 policy/modules/contrib/wdmd.fc | 4 ++--
16 policy/modules/contrib/wdmd.te | 4 ++--
17 2 files changed, 4 insertions(+), 4 deletions(-)
18
19 diff --git a/policy/modules/contrib/wdmd.fc b/policy/modules/contrib/wdmd.fc
20 index c926ef0..66f11f7 100644
21 --- a/policy/modules/contrib/wdmd.fc
22 +++ b/policy/modules/contrib/wdmd.fc
23 @@ -1,5 +1,5 @@
24 /etc/rc\.d/init\.d/wdmd -- gen_context(system_u:object_r:wdmd_initrc_exec_t,s0)
25
26 -/var/run/wdmd(/.*)? gen_context(system_u:object_r:wdmd_var_run_t,s0)
27 -
28 /usr/sbin/wdmd -- gen_context(system_u:object_r:wdmd_exec_t,s0)
29 +
30 +/var/run/wdmd(/.*)? gen_context(system_u:object_r:wdmd_var_run_t,s0)
31
32 diff --git a/policy/modules/contrib/wdmd.te b/policy/modules/contrib/wdmd.te
33 index 9d573cc..d21df6f 100644
34 --- a/policy/modules/contrib/wdmd.te
35 +++ b/policy/modules/contrib/wdmd.te
36 @@ -1,4 +1,4 @@
37 -policy_module(wdmd, 1.0.1)
38 +policy_module(wdmd, 1.0.2)
39
40 ########################################
41 #
42 @@ -26,7 +26,7 @@ files_pid_file(wdmd_var_run_t)
43 allow wdmd_t self:capability { chown sys_nice ipc_lock };
44 allow wdmd_t self:process { setsched signal };
45 allow wdmd_t self:fifo_file rw_fifo_file_perms;
46 -allow wdmd_t self:unix_stream_socket create_stream_socket_perms;
47 +allow wdmd_t self:unix_stream_socket { accept listen };
48
49 manage_dirs_pattern(wdmd_t, wdmd_var_run_t, wdmd_var_run_t)
50 manage_files_pattern(wdmd_t, wdmd_var_run_t, wdmd_var_run_t)