Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Jason Zaman <perfinion@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/
Date: Tue, 12 Dec 2017 07:59:25
Message-Id: 1513062450.9fd7c1d7cd40977f22af7970e1d4d943912ed5d2.perfinion@gentoo
1 commit: 9fd7c1d7cd40977f22af7970e1d4d943912ed5d2
2 Author: David Sugar <dsugar <AT> tresys <DOT> com>
3 AuthorDate: Wed Dec 6 18:23:41 2017 +0000
4 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
5 CommitDate: Tue Dec 12 07:07:30 2017 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=9fd7c1d7
7
8 Allow to read /proc/sys/crypto/fips_enabled
9
10 Allow accountsd_t and policykitd_t to read /proc/sys/crypto/fips_enabled
11
12 policy/modules/contrib/accountsd.te | 1 +
13 policy/modules/contrib/policykit.te | 1 +
14 2 files changed, 2 insertions(+)
15
16 diff --git a/policy/modules/contrib/accountsd.te b/policy/modules/contrib/accountsd.te
17 index d435a2d6..f56058cc 100644
18 --- a/policy/modules/contrib/accountsd.te
19 +++ b/policy/modules/contrib/accountsd.te
20 @@ -30,6 +30,7 @@ manage_dirs_pattern(accountsd_t, accountsd_var_lib_t, accountsd_var_lib_t)
21 manage_files_pattern(accountsd_t, accountsd_var_lib_t, accountsd_var_lib_t)
22 files_var_lib_filetrans(accountsd_t, accountsd_var_lib_t, dir)
23
24 +kernel_read_crypto_sysctls(accountsd_t)
25 kernel_read_kernel_sysctls(accountsd_t)
26 kernel_read_system_state(accountsd_t)
27
28
29 diff --git a/policy/modules/contrib/policykit.te b/policy/modules/contrib/policykit.te
30 index 9a0c4d5c..8f2035a0 100644
31 --- a/policy/modules/contrib/policykit.te
32 +++ b/policy/modules/contrib/policykit.te
33 @@ -85,6 +85,7 @@ can_exec(policykit_t, policykit_exec_t)
34 domtrans_pattern(policykit_t, policykit_auth_exec_t, policykit_auth_t)
35 domtrans_pattern(policykit_t, policykit_resolve_exec_t, policykit_resolve_t)
36
37 +kernel_read_crypto_sysctls(policykit_t)
38 kernel_read_kernel_sysctls(policykit_t)
39 kernel_read_system_state(policykit_t)
Report Message
Find on MARC Find on Google Groups