Gentoo Archives: gentoo-commits

From: Jason Zaman <perfinion@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/
Date: Mon, 03 Oct 2016 06:21:16
Message-Id: 1475474661.90909b138975c956acff4d6d6abcd63003ed5b3b.perfinion@gentoo
1 commit: 90909b138975c956acff4d6d6abcd63003ed5b3b
2 Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
3 AuthorDate: Thu Sep 8 23:17:31 2016 +0000
4 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
5 CommitDate: Mon Oct 3 06:04:21 2016 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=90909b13
7
8 Additional change from Guido Trentalancia related to evolution.
9
10 policy/modules/system/userdomain.if | 22 ++++++++++++++++++++++
11 policy/modules/system/userdomain.te | 2 +-
12 2 files changed, 23 insertions(+), 1 deletion(-)
13
14 diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
15 index e6e434a..bf78a2b 100644
16 --- a/policy/modules/system/userdomain.if
17 +++ b/policy/modules/system/userdomain.if
18 @@ -2421,6 +2421,28 @@ interface(`userdom_read_user_certs',`
19
20 ########################################
21 ## <summary>
22 +## Do not audit attempts to manage
23 +## the user SSL certificates.
24 +## </summary>
25 +## <param name="domain">
26 +## <summary>
27 +## Domain allowed access.
28 +## </summary>
29 +## </param>
30 +## <rolecap/>
31 +#
32 +interface(`userdom_dontaudit_manage_user_certs',`
33 + gen_require(`
34 + type user_cert_t;
35 + ')
36 +
37 + dontaudit $1 user_cert_t:dir manage_dir_perms;
38 + dontaudit $1 user_cert_t:file manage_file_perms;
39 + dontaudit $1 user_cert_t:lnk_file manage_file_perms;
40 +')
41 +
42 +########################################
43 +## <summary>
44 ## Manage user SSL certificates.
45 ## </summary>
46 ## <param name="domain">
47
48 diff --git a/policy/modules/system/userdomain.te b/policy/modules/system/userdomain.te
49 index b44dd5d..c9774a1 100644
50 --- a/policy/modules/system/userdomain.te
51 +++ b/policy/modules/system/userdomain.te
52 @@ -1,4 +1,4 @@
53 -policy_module(userdomain, 4.11.6)
54 +policy_module(userdomain, 4.11.7)
55
56 ########################################
57 #