Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Sven Vermeulen <swift@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/
Date: Fri, 06 Dec 2013 17:33:40
Message-Id: 1386351058.ae706f76bd11bea48cf179ece1ba35ce676438c1.swift@gentoo
1 commit: ae706f76bd11bea48cf179ece1ba35ce676438c1
2 Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
3 AuthorDate: Tue Dec 3 14:45:16 2013 +0000
4 Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
5 CommitDate: Fri Dec 6 17:30:58 2013 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=ae706f76
7
8 Rearrage userdom_delete_user_tmpfs_files() interface.
9
10 ---
11 policy/modules/system/userdomain.if | 20 ++++++++++----------
12 1 file changed, 10 insertions(+), 10 deletions(-)
13
14 diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
15 index dbe838c..027a04f 100644
16 --- a/policy/modules/system/userdomain.if
17 +++ b/policy/modules/system/userdomain.if
18 @@ -2688,7 +2688,7 @@ interface(`userdom_tmp_filetrans_user_tmp',`
19
20 ########################################
21 ## <summary>
22 -## Delete user tmpfs files.
23 +## Read user tmpfs files.
24 ## </summary>
25 ## <param name="domain">
26 ## <summary>
27 @@ -2696,12 +2696,13 @@ interface(`userdom_tmp_filetrans_user_tmp',`
28 ## </summary>
29 ## </param>
30 #
31 -interface(`userdom_delete_user_tmpfs_files',`
32 +interface(`userdom_read_user_tmpfs_files',`
33 gen_require(`
34 type user_tmpfs_t;
35 ')
36
37 - delete_files_pattern($1, user_tmpfs_t, user_tmpfs_t)
38 + read_files_pattern($1, user_tmpfs_t, user_tmpfs_t)
39 + allow $1 user_tmpfs_t:dir list_dir_perms;
40 fs_search_tmpfs($1)
41 ')
42
43 @@ -2715,19 +2716,20 @@ interface(`userdom_delete_user_tmpfs_files',`
44 ## </summary>
45 ## </param>
46 #
47 -interface(`userdom_read_user_tmpfs_files',`
48 +interface(`userdom_rw_user_tmpfs_files',`
49 gen_require(`
50 type user_tmpfs_t;
51 ')
52
53 - read_files_pattern($1, user_tmpfs_t, user_tmpfs_t)
54 + rw_files_pattern($1, user_tmpfs_t, user_tmpfs_t)
55 + read_lnk_files_pattern($1, user_tmpfs_t, user_tmpfs_t)
56 allow $1 user_tmpfs_t:dir list_dir_perms;
57 fs_search_tmpfs($1)
58 ')
59
60 ########################################
61 ## <summary>
62 -## Read user tmpfs files.
63 +## Delete user tmpfs files.
64 ## </summary>
65 ## <param name="domain">
66 ## <summary>
67 @@ -2735,14 +2737,12 @@ interface(`userdom_read_user_tmpfs_files',`
68 ## </summary>
69 ## </param>
70 #
71 -interface(`userdom_rw_user_tmpfs_files',`
72 +interface(`userdom_delete_user_tmpfs_files',`
73 gen_require(`
74 type user_tmpfs_t;
75 ')
76
77 - rw_files_pattern($1, user_tmpfs_t, user_tmpfs_t)
78 - read_lnk_files_pattern($1, user_tmpfs_t, user_tmpfs_t)
79 - allow $1 user_tmpfs_t:dir list_dir_perms;
80 + delete_files_pattern($1, user_tmpfs_t, user_tmpfs_t)
81 fs_search_tmpfs($1)
82 ')
Report Message
Find on MARC Find on Google Groups