Gentoo Archives: gentoo-commits

From:	Matt Thode <prometheanfire@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/
Date:	Tue, 02 Oct 2012 13:53:08
Message-Id:	`1349185952.b819e0507cbd6f29eaef2a040cd77319f814ccb7.prometheanfire@gentoo`

1	commit: b819e0507cbd6f29eaef2a040cd77319f814ccb7
2	Author: Matthew Thode <mthode <AT> mthode <DOT> org>
3	AuthorDate: Tue Oct 2 13:52:32 2012 +0000
4	Commit: Matt Thode <prometheanfire <AT> gentoo <DOT> org>
5	CommitDate: Tue Oct 2 13:52:32 2012 +0000
6	URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=b819e050
7
8	lessened needed perms for portage autofs and added use of nsswitch
9
10	---
11	policy/modules/contrib/portage.te \| 4 +++-
12	1 files changed, 3 insertions(+), 1 deletions(-)
13
14	diff --git a/policy/modules/contrib/portage.te b/policy/modules/contrib/portage.te
15	index 128e7d6..321b1ac 100644
16	--- a/policy/modules/contrib/portage.te
17	+++ b/policy/modules/contrib/portage.te
18	@@ -193,6 +193,8 @@ files_manage_all_files(portage_t)
19	selinux_get_fs_mount(portage_t)
20
21	auth_manage_shadow(portage_t)
22	+auth_use_nsswitch(portage_fetch_t)
23	+auth_use_nsswitch(portage_sandbox_t)
24
25	# merging baselayout will need this:
26	init_exec(portage_t)
27	@@ -299,7 +301,6 @@ files_search_var_lib(portage_fetch_t)
28	files_dontaudit_search_pids(portage_fetch_t)
29
30	fs_search_auto_mountpoints(portage_fetch_t)
31	-dev_rw_autofs(portage_fetch_t)
32
33	logging_list_logs(portage_fetch_t)
34	logging_dontaudit_search_logs(portage_fetch_t)
35	@@ -321,6 +322,7 @@ ifdef(`hide_broken_symptoms',`
36	')
37
38	tunable_policy(`portage_use_nfs',`
39	+ fs_getattr_nfs(portage_t)
40	fs_getattr_nfs(portage_fetch_t)
41	fs_manage_nfs_dirs(portage_fetch_t)
42	fs_manage_nfs_files(portage_fetch_t)