Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Sven Vermeulen <swift@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
Date: Sun, 03 Nov 2013 11:19:13
Message-Id: 1383477131.79328a8d79780d669e3830e6b9e7bac81ce89727.swift@gentoo
1 commit: 79328a8d79780d669e3830e6b9e7bac81ce89727
2 Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
3 AuthorDate: Sun Nov 3 11:12:11 2013 +0000
4 Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
5 CommitDate: Sun Nov 3 11:12:11 2013 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=79328a8d
7
8 Add relabel interfaces for bin_t dir and lnk_files
9
10 These interfaces will be used later by the portage_t domain.
11
12 ---
13 policy/modules/kernel/corecommands.if | 38 +++++++++++++++++++++++++++++++++++
14 1 file changed, 38 insertions(+)
15
16 diff --git a/policy/modules/kernel/corecommands.if b/policy/modules/kernel/corecommands.if
17 index 9e9263a..917b160 100644
18 --- a/policy/modules/kernel/corecommands.if
19 +++ b/policy/modules/kernel/corecommands.if
20 @@ -1091,3 +1091,41 @@ interface(`corecmd_mmap_all_executables',`
21
22 mmap_files_pattern($1, bin_t, exec_type)
23 ')
24 +
25 +# Now starts gentoo specific but cannot use ifdef_distro gentoo here
26 +
27 +########################################
28 +## <summary>
29 +## Relabel to and from the bin type.
30 +## </summary>
31 +## <param name="domain">
32 +## <summary>
33 +## Domain allowed access.
34 +## </summary>
35 +## </param>
36 +#
37 +interface(`corecmd_relabel_bin_dirs',`
38 + gen_require(`
39 + type bin_t;
40 + ')
41 +
42 + relabel_dirs_pattern($1, bin_t, bin_t)
43 +')
44 +
45 +########################################
46 +## <summary>
47 +## Relabel to and from the bin type.
48 +## </summary>
49 +## <param name="domain">
50 +## <summary>
51 +## Domain allowed access.
52 +## </summary>
53 +## </param>
54 +#
55 +interface(`corecmd_relabel_bin_lnk_files',`
56 + gen_require(`
57 + type bin_t;
58 + ')
59 +
60 + relabel_lnk_files_pattern($1, bin_t, bin_t)
61 +')
Report Message
Find on MARC Find on Google Groups