Gentoo Archives: gentoo-commits

From: Sven Vermeulen <swift@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/system/
Date: Fri, 28 Nov 2014 10:04:16
Message-Id: 1417125485.b86c4b022307c8477a9373e0677b9eb51240e71b.swift@gentoo
1 commit: b86c4b022307c8477a9373e0677b9eb51240e71b
2 Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
3 AuthorDate: Thu Nov 27 21:58:05 2014 +0000
4 Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
5 CommitDate: Thu Nov 27 21:58:05 2014 +0000
6 URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=b86c4b02
7
8 Fix bug #529430 - Various policy fixes to support lvmetad, dmeventd/lvm-monitoring
9
10 ---
11 policy/modules/system/lvm.fc | 9 +++++++++
12 policy/modules/system/lvm.te | 5 +++++
13 2 files changed, 14 insertions(+)
14
15 diff --git a/policy/modules/system/lvm.fc b/policy/modules/system/lvm.fc
16 index 13a5759..ea5ba34 100644
17 --- a/policy/modules/system/lvm.fc
18 +++ b/policy/modules/system/lvm.fc
19 @@ -105,3 +105,12 @@ ifdef(`distro_gentoo',`
20 /var/lock/lvm(/.*)? gen_context(system_u:object_r:lvm_lock_t,s0)
21 /var/run/multipathd\.sock -s gen_context(system_u:object_r:lvm_var_run_t,s0)
22 /var/run/dmevent.* gen_context(system_u:object_r:lvm_var_run_t,s0)
23 +
24 +ifdef(`distro_gentoo',`
25 +# Bug 529430 comment 7
26 +/sbin/lvmetad -- gen_context(system_u:object_r:lvm_exec_t,s0)
27 +/var/run/lvm(/.*)? gen_context(system_u:object_r:lvm_var_run_t,s0)
28 +
29 +# Bug 529430 comment 8
30 +/sbin/dmeventd -- gen_context(system_u:object_r:lvm_exec_t,s0)
31 +')
32
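Review bot: the two new binaries, /sbin/lvmetad and /sbin/dmeventd, are both labeled lvm_exec_t, so the long-running daemons will run in the same lvm_t domain as the interactive LVM tools and inherit everything that domain is allowed. If that is intentional for now, say so in the comment. Otherwise consider separate exec types and domains later so each daemon gets only what it needs. The comments also give only "Bug 529430 comment 7" and "comment 8". A short phrase on what each entry is for (the lvmetad socket and pid directory under /var/run/lvm, the dmeventd monitoring daemon) would let a reader follow the policy without opening the bug. Nothing in the /var/run/lvm(/.*)? entry looks Gentoo-specific, so it may be worth proposing upstream rather than keeping it inside the distro_gentoo block.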
33 diff --git a/policy/modules/system/lvm.te b/policy/modules/system/lvm.te
34 index a5952f7..a1485fb 100644
35 --- a/policy/modules/system/lvm.te
36 +++ b/policy/modules/system/lvm.te
37 @@ -365,6 +365,11 @@ ifdef(`distro_gentoo',`
38 allow lvm_t self:socket create_stream_socket_perms;
39
40 create_dirs_pattern(lvm_t, lvm_etc_t, lvm_metadata_t)
41 + # Bug 529430 comment 6
42 + create_dirs_pattern(lvm_t, lvm_etc_t, lvm_etc_t)
43 + # BUg 529430 comment 8
44 + manage_fifo_files_pattern(lvm_t, lvm_var_run_t, lvm_var_run_t)
45 +
46 filetrans_pattern(lvm_t, lvm_etc_t, lvm_metadata_t, dir, "cache")
47
48 kernel_request_load_module(lvm_t)
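Review bot: the added create_dirs_pattern(lvm_t, lvm_etc_t, lvm_etc_t) lets lvm_t create new lvm_etc_t directories anywhere under the LVM configuration tree, and the comment does not name the directory that needs it. Please state which path is being created (the neighbouring rules already cover the "cache" directory via lvm_metadata_t) so the rule can be narrowed or dropped later. The same applies to manage_fifo_files_pattern(lvm_t, lvm_var_run_t, lvm_var_run_t): the manage set grants the full create, delete, rename, read and write permissions on fifos, so if dmeventd only creates and uses its own fifos under /var/run, a narrower pattern may be enough. Two style points: the comment on the second rule reads "BUg" instead of "Bug", and the new lines are inserted between the lvm_metadata_t create_dirs_pattern and its matching filetrans_pattern, which are easier to read when kept adjacent.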