[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/ - gentoo-commits

From:	Sven Vermeulen <swift@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/
Date:	Sat, 07 Jun 2014 19:18:15
Message-Id:	`1402168327.16ff7b295abda770a89717da10f312fc235c9050.swift@gentoo`

1

commit:     16ff7b295abda770a89717da10f312fc235c9050

2

Author:     Jason Zaman <jason <AT> perfinion <DOT> com>

3

AuthorDate: Sat Jun  7 19:09:59 2014 +0000

4

Commit:     Sven Vermeulen <swift <AT> gentoo <DOT> org>

5

CommitDate: Sat Jun  7 19:12:07 2014 +0000

6

URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=16ff7b29

7

8

Gentoo additions for the Dropbox module

9

10

Signed-off-by: Jason Zaman <jason <AT> perfinion.com>

11

12

---

13

 policy/modules/contrib/dropbox.fc | 3 +++

14

 policy/modules/contrib/dropbox.te | 8 ++++++++

15

 2 files changed, 11 insertions(+)

16

17

diff --git a/policy/modules/contrib/dropbox.fc b/policy/modules/contrib/dropbox.fc

18

index 8f35880..ddc22f0 100644

19

--- a/policy/modules/contrib/dropbox.fc

20

+++ b/policy/modules/contrib/dropbox.fc

21

@@ -7,5 +7,8 @@ HOME_DIR/\.dropbox-master(/.*)?             gen_context(system_u:object_r:dropbo

22

 HOME_DIR/\.dropbox-dist/dropboxd?        -- gen_context(system_u:object_r:dropbox_exec_t,s0)

23

24

 /opt/bin/dropbox                         -l gen_context(system_u:object_r:dropbox_exec_t,s0)

25

+/opt/dropbox/.*py?\.?.*egg(/.*)?            gen_context(system_u:object_r:lib_t,s0)

26

+/opt/dropbox/lib.*\.so\..                -- gen_context(system_u:object_r:lib_t,s0)

27

 /opt/dropbox/dropboxd?                   -- gen_context(system_u:object_r:dropbox_exec_t,s0)

28

+/opt/dropbox/library\.zip                -l gen_context(system_u:object_r:lib_t,s0)

29

30

31

diff --git a/policy/modules/contrib/dropbox.te b/policy/modules/contrib/dropbox.te

32

index 1348ff0..0921a59 100644

33

--- a/policy/modules/contrib/dropbox.te

34

+++ b/policy/modules/contrib/dropbox.te

35

@@ -108,3 +108,11 @@ tunable_policy(`dropbox_bind_port',`

36

 	allow dropbox_t self:udp_socket { send_msg recv_msg };

37

')

38

39

+ifdef(`distro_gentoo',`

40

+	optional_policy(`

41

+		xdg_read_config_home_files(dropbox_t)

42

+		xdg_read_data_home_files(dropbox_t)

43

+		userdom_user_content_access_template(dropbox, dropbox_t)

44

+	')

45

+')

46

+

1	commit: 16ff7b295abda770a89717da10f312fc235c9050
2	Author: Jason Zaman <jason <AT> perfinion <DOT> com>
3	AuthorDate: Sat Jun 7 19:09:59 2014 +0000
4	Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
5	CommitDate: Sat Jun 7 19:12:07 2014 +0000
6	URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=16ff7b29
7
8	Gentoo additions for the Dropbox module
9
10	Signed-off-by: Jason Zaman <jason <AT> perfinion.com>
11
12	---
13	policy/modules/contrib/dropbox.fc \| 3 +++
14	policy/modules/contrib/dropbox.te \| 8 ++++++++
15	2 files changed, 11 insertions(+)
16
17	diff --git a/policy/modules/contrib/dropbox.fc b/policy/modules/contrib/dropbox.fc
18	index 8f35880..ddc22f0 100644
19	--- a/policy/modules/contrib/dropbox.fc
20	+++ b/policy/modules/contrib/dropbox.fc
21	@@ -7,5 +7,8 @@ HOME_DIR/\.dropbox-master(/.*)? gen_context(system_u:object_r:dropbo
22	HOME_DIR/\.dropbox-dist/dropboxd? -- gen_context(system_u:object_r:dropbox_exec_t,s0)
23
24	/opt/bin/dropbox -l gen_context(system_u:object_r:dropbox_exec_t,s0)
25	+/opt/dropbox/.py?\.?.egg(/.*)? gen_context(system_u:object_r:lib_t,s0)
26	+/opt/dropbox/lib.*\.so\.. -- gen_context(system_u:object_r:lib_t,s0)
27	/opt/dropbox/dropboxd? -- gen_context(system_u:object_r:dropbox_exec_t,s0)
28	+/opt/dropbox/library\.zip -l gen_context(system_u:object_r:lib_t,s0)
29
30
31	diff --git a/policy/modules/contrib/dropbox.te b/policy/modules/contrib/dropbox.te
32	index 1348ff0..0921a59 100644
33	--- a/policy/modules/contrib/dropbox.te
34	+++ b/policy/modules/contrib/dropbox.te
35	@@ -108,3 +108,11 @@ tunable_policy(`dropbox_bind_port',`
36	allow dropbox_t self:udp_socket { send_msg recv_msg };
37	')
38
39	+ifdef(`distro_gentoo',`
40	+ optional_policy(`
41	+ xdg_read_config_home_files(dropbox_t)
42	+ xdg_read_data_home_files(dropbox_t)
43	+ userdom_user_content_access_template(dropbox, dropbox_t)
44	+ ')
45	+')
46	+

Gentoo Archives: gentoo-commits